def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wireless_controller_qos_profile": {
"required": False,
"type": "dict",
"default": None,
"options": {
"bandwidth_admission_control": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"bandwidth_capacity": {
"required": False,
"type": "int"
},
"burst": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"call_admission_control": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"call_capacity": {
"required": False,
"type": "int"
},
"comment": {
"required": False,
"type": "str"
},
"downlink": {
"required": False,
"type": "int"
},
"downlink_sta": {
"required": False,
"type": "int"
},
"dscp_wmm_be": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
}
}
},
"dscp_wmm_bk": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
}
}
},
"dscp_wmm_mapping": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dscp_wmm_vi": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
}
}
},
"dscp_wmm_vo": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
}
}
},
"name": {
"required": True,
"type": "str"
},
"uplink": {
"required": False,
"type": "int"
},
"uplink_sta": {
"required": False,
"type": "int"
},
"wmm": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"wmm_uapsd": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"switch_controller_igmp_snooping": {
"required": False,
"type": "dict",
"default": None,
"options": {
"aging_time": {
"required": False,
"type": "int"
},
"flood_unknown_multicast": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
from mock import ANY
from ansible_collections.notmintest.not_a_real_collection.plugins.module_utils.network.fortios.fortios import FortiOSHandler
try:
from ansible_collections.notmintest.not_a_real_collection.plugins.modules import fortios_switch_controller_storm_control
except ImportError:
pytest.skip("Could not load required modules for testing", allow_module_level=True)
@pytest.fixture(autouse=True)
def connection_mock(mocker):
connection_class_mock = mocker.patch('ansible_collections.notmintest.not_a_real_collection.plugins.modules.fortios_switch_controller_storm_control.Connection')
return connection_class_mock
fos_instance = FortiOSHandler(connection_mock)
def test_switch_controller_storm_control_creation(mocker):
schema_method_mock = mocker.patch('ansible_collections.notmintest.not_a_real_collection.plugins.module_utils.network.fortios.fortios.FortiOSHandler.schema')
set_method_result = {'status': 'success', 'http_method': 'POST', 'http_status': 200}
set_method_mock = mocker.patch('ansible_collections.notmintest.not_a_real_collection.plugins.module_utils.network.fortios.fortios.FortiOSHandler.set', return_value=set_method_result)
input_data = {
'username': '******',
'state': 'present',
'switch_controller_storm_control': {
'broadcast': 'enable',
'rate': '4',
'unknown_multicast': 'enable',
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"endpoint_control_forticlient_ems": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"address": {
"required": False,
"type": "str"
},
"admin_password": {
"required": False,
"type": "str"
},
"admin_type": {
"required": False,
"type": "str",
"choices": ["Windows", "LDAP"]
},
"admin_username": {
"required": False,
"type": "str"
},
"https_port": {
"required": False,
"type": "int"
},
"listen_port": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"rest_api_auth": {
"required": False,
"type": "str",
"choices": ["disable", "userpass"]
},
"serial_number": {
"required": False,
"type": "str"
},
"upload_port": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_endpoint_control(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_endpoint_control(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"user_ldap": {
"required": False, "type": "dict", "default": None,
"options": {
"account_key_filter": {"required": False, "type": "str"},
"account_key_processing": {"required": False, "type": "str",
"choices": ["same", "strip"]},
"ca_cert": {"required": False, "type": "str"},
"cnid": {"required": False, "type": "str"},
"dn": {"required": False, "type": "str"},
"group_filter": {"required": False, "type": "str"},
"group_member_check": {"required": False, "type": "str",
"choices": ["user-attr", "group-object", "posix-group-object"]},
"group_object_filter": {"required": False, "type": "str"},
"group_search_base": {"required": False, "type": "str"},
"member_attr": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"password": {"required": False, "type": "str"},
"password_expiry_warning": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"password_renewal": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"port": {"required": False, "type": "int"},
"secondary_server": {"required": False, "type": "str"},
"secure": {"required": False, "type": "str",
"choices": ["disable", "starttls", "ldaps"]},
"server": {"required": False, "type": "str"},
"server_identity_check": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"source_ip": {"required": False, "type": "str"},
"ssl_min_proto_version": {"required": False, "type": "str",
"choices": ["default", "SSLv3", "TLSv1",
"TLSv1-1", "TLSv1-2"]},
"tertiary_server": {"required": False, "type": "str"},
"type": {"required": False, "type": "str",
"choices": ["simple", "anonymous", "regular"]},
"username": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_user(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_user(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"router_multicast": {
"required": False,
"type": "dict",
"default": None,
"options": {
"interface": {
"required": False,
"type": "list",
"options": {
"bfd": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cisco_exclude_genid": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dr_priority": {
"required": False,
"type": "int"
},
"hello_holdtime": {
"required": False,
"type": "int"
},
"hello_interval": {
"required": False,
"type": "int"
},
"igmp": {
"required": False,
"type": "dict",
"options": {
"access_group": {
"required": False,
"type": "str"
},
"immediate_leave_group": {
"required": False,
"type": "str"
},
"last_member_query_count": {
"required": False,
"type": "int"
},
"last_member_query_interval": {
"required": False,
"type": "int"
},
"query_interval": {
"required": False,
"type": "int"
},
"query_max_response_time": {
"required": False,
"type": "int"
},
"query_timeout": {
"required": False,
"type": "int"
},
"router_alert_check": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"version": {
"required": False,
"type": "str",
"choices": ["3", "2", "1"]
}
}
},
"join_group": {
"required": False,
"type": "list",
"options": {
"address": {
"required": True,
"type": "str"
}
}
},
"multicast_flow": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"neighbour_filter": {
"required": False,
"type": "str"
},
"passive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"pim_mode": {
"required": False,
"type": "str",
"choices": ["sparse-mode", "dense-mode"]
},
"propagation_delay": {
"required": False,
"type": "int"
},
"rp_candidate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"rp_candidate_group": {
"required": False,
"type": "str"
},
"rp_candidate_interval": {
"required": False,
"type": "int"
},
"rp_candidate_priority": {
"required": False,
"type": "int"
},
"state_refresh_interval": {
"required": False,
"type": "int"
},
"static_group": {
"required": False,
"type": "str"
},
"ttl_threshold": {
"required": False,
"type": "int"
}
}
},
"multicast_routing": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"pim_sm_global": {
"required": False,
"type": "dict",
"options": {
"accept_register_list": {
"required": False,
"type": "str"
},
"accept_source_list": {
"required": False,
"type": "str"
},
"bsr_allow_quick_refresh": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"bsr_candidate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"bsr_hash": {
"required": False,
"type": "int"
},
"bsr_interface": {
"required": False,
"type": "str"
},
"bsr_priority": {
"required": False,
"type": "int"
},
"cisco_crp_prefix": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cisco_ignore_rp_set_priority": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cisco_register_checksum": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cisco_register_checksum_group": {
"required": False,
"type": "str"
},
"join_prune_holdtime": {
"required": False,
"type": "int"
},
"message_interval": {
"required": False,
"type": "int"
},
"null_register_retries": {
"required": False,
"type": "int"
},
"register_rate_limit": {
"required": False,
"type": "int"
},
"register_rp_reachability": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"register_source": {
"required": False,
"type": "str",
"choices": ["disable", "interface", "ip-address"]
},
"register_source_interface": {
"required": False,
"type": "str"
},
"register_source_ip": {
"required": False,
"type": "str"
},
"register_supression": {
"required": False,
"type": "int"
},
"rp_address": {
"required": False,
"type": "list",
"options": {
"group": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"ip_address": {
"required": False,
"type": "str"
}
}
},
"rp_register_keepalive": {
"required": False,
"type": "int"
},
"spt_threshold": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"spt_threshold_group": {
"required": False,
"type": "str"
},
"ssm": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssm_range": {
"required": False,
"type": "str"
}
}
},
"route_limit": {
"required": False,
"type": "int"
},
"route_threshold": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_router(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_router(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"log_fortianalyzer2_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"__change_ip": {
"required": False,
"type": "int"
},
"certificate": {
"required": False,
"type": "str"
},
"conn_timeout": {
"required": False,
"type": "int"
},
"enc_algorithm": {
"required": False,
"type": "str",
"choices": ["high-medium", "high", "low"]
},
"faz_type": {
"required": False,
"type": "int"
},
"hmac_algorithm": {
"required": False,
"type": "str",
"choices": ["sha256", "sha1"]
},
"ips_archive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"mgmt_name": {
"required": False,
"type": "str"
},
"monitor_failure_retry_period": {
"required": False,
"type": "int"
},
"monitor_keepalive_period": {
"required": False,
"type": "int"
},
"reliable": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"server": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
},
"ssl_min_proto_version": {
"required": False,
"type": "str",
"choices":
["default", "SSLv3", "TLSv1", "TLSv1-1", "TLSv1-2"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"upload_day": {
"required": False,
"type": "str"
},
"upload_interval": {
"required": False,
"type": "str",
"choices": ["daily", "weekly", "monthly"]
},
"upload_option": {
"required":
False,
"type":
"str",
"choices":
["store-and-upload", "realtime", "1-minute", "5-minute"]
},
"upload_time": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_fortianalyzer2(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_fortianalyzer2(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"report_dataset": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"field": {"required": False, "type": "list",
"options": {
"displayname": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"name": {"required": False, "type": "str"},
"type": {"required": False, "type": "str",
"choices": ["text", "integer", "double"]}
}},
"name": {"required": True, "type": "str"},
"parameters": {"required": False, "type": "list",
"options": {
"data_type": {"required": False, "type": "str",
"choices": ["text", "integer", "double",
"long-integer", "date-time"]},
"display_name": {"required": False, "type": "str"},
"field": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"}
}},
"policy": {"required": False, "type": "int"},
"query": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_report(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_report(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_automation_action": {
"required": False,
"type": "dict",
"default": None,
"options": {
"action_type": {
"required":
False,
"type":
"str",
"choices": [
"email", "ios-notification", "alert", "disable-ssid",
"quarantine", "quarantine-forticlient", "ban-ip",
"aws-lambda", "webhook"
]
},
"aws_api_id": {
"required": False,
"type": "str"
},
"aws_api_key": {
"required": False,
"type": "str"
},
"aws_api_path": {
"required": False,
"type": "str"
},
"aws_api_stage": {
"required": False,
"type": "str"
},
"aws_domain": {
"required": False,
"type": "str"
},
"aws_region": {
"required": False,
"type": "str"
},
"delay": {
"required": False,
"type": "int"
},
"email_subject": {
"required": False,
"type": "str"
},
"email_to": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"headers": {
"required": False,
"type": "list",
"options": {
"header": {
"required": True,
"type": "str"
}
}
},
"http_body": {
"required": False,
"type": "str"
},
"method": {
"required": False,
"type": "str",
"choices": ["post", "put", "get"]
},
"minimum_interval": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"port": {
"required": False,
"type": "int"
},
"protocol": {
"required": False,
"type": "str",
"choices": ["http", "https"]
},
"required": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"uri": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"switch_controller_security_policy_802_1X": {
"required": False,
"type": "dict",
"default": None,
"options": {
"auth_fail_vlan": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"auth_fail_vlan_id": {
"required": False,
"type": "str"
},
"auth_fail_vlanid": {
"required": False,
"type": "int"
},
"eap_passthru": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"guest_auth_delay": {
"required": False,
"type": "int"
},
"guest_vlan": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"guest_vlan_id": {
"required": False,
"type": "str"
},
"guest_vlanid": {
"required": False,
"type": "int"
},
"mac_auth_bypass": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"name": {
"required": True,
"type": "str"
},
"open_auth": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"policy_type": {
"required": False,
"type": "str",
"choices": ["802.1X"]
},
"radius_timeout_overwrite": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"security_mode": {
"required": False,
"type": "str",
"choices": ["802.1X", "802.1X-mac-based"]
},
"user_group": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_switch_controller_security_policy(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_switch_controller_security_policy(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"log_syslogd2_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"certificate": {
"required": False,
"type": "str"
},
"custom_field_name": {
"required": False,
"type": "list",
"options": {
"custom": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"name": {
"required": False,
"type": "str"
}
}
},
"enc_algorithm": {
"required": False,
"type": "str",
"choices": ["high-medium", "high", "low", "disable"]
},
"facility": {
"required":
False,
"type":
"str",
"choices": [
"kernel", "user", "mail", "daemon", "auth", "syslog",
"lpr", "news", "uucp", "cron", "authpriv", "ftp",
"ntp", "audit", "alert", "clock", "local0", "local1",
"local2", "local3", "local4", "local5", "local6",
"local7"
]
},
"format": {
"required": False,
"type": "str",
"choices": ["default", "csv", "cef"]
},
"mode": {
"required": False,
"type": "str",
"choices": ["udp", "legacy-reliable", "reliable"]
},
"port": {
"required": False,
"type": "int"
},
"server": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
},
"ssl_min_proto_version": {
"required": False,
"type": "str",
"choices":
["default", "SSLv3", "TLSv1", "TLSv1-1", "TLSv1-2"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_syslogd2(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_syslogd2(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_snmp_sysinfo": {
"required": False,
"type": "dict",
"default": None,
"options": {
"contact_info": {
"required": False,
"type": "str"
},
"description": {
"required": False,
"type": "str"
},
"engine_id": {
"required": False,
"type": "str"
},
"location": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"trap_high_cpu_threshold": {
"required": False,
"type": "int"
},
"trap_log_full_threshold": {
"required": False,
"type": "int"
},
"trap_low_memory_threshold": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_snmp(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_snmp(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_vdom_exception": {
"required": False,
"type": "dict",
"default": None,
"options": {
"id": {
"required": True,
"type": "int"
},
"object": {
"required":
False,
"type":
"str",
"choices": [
"log.fortianalyzer.setting",
"log.fortianalyzer.override-setting"
]
},
"oid": {
"required": False,
"type": "int"
},
"scope": {
"required": False,
"type": "str",
"choices": ["all", "inclusive", "exclusive"]
},
"vdom": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_automation_trigger": {
"required": False,
"type": "dict",
"default": None,
"options": {
"event_type": {
"required":
False,
"type":
"str",
"choices": [
"ioc", "event-log", "reboot", "low-memory", "high-cpu",
"license-near-expiry", "ha-failover", "config-change",
"security-rating-summary", "virus-ips-db-updated"
]
},
"ioc_level": {
"required": False,
"type": "str",
"choices": ["medium", "high"]
},
"license_type": {
"required":
False,
"type":
"str",
"choices": [
"forticare-support", "fortiguard-webfilter",
"fortiguard-antispam", "fortiguard-antivirus",
"fortiguard-ips", "fortiguard-management", "forticloud"
]
},
"logid": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"trigger_day": {
"required": False,
"type": "int"
},
"trigger_frequency": {
"required": False,
"type": "str",
"choices": ["hourly", "daily", "weekly", "monthly"]
},
"trigger_hour": {
"required": False,
"type": "int"
},
"trigger_minute": {
"required": False,
"type": "int"
},
"trigger_type": {
"required": False,
"type": "str",
"choices": ["event-based", "scheduled"]
},
"trigger_weekday": {
"required":
False,
"type":
"str",
"choices": [
"sunday", "monday", "tuesday", "wednesday", "thursday",
"friday", "saturday"
]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_DoS_policy6": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"anomaly": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["pass", "block"]
},
"log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": True,
"type": "str"
},
"quarantine": {
"required": False,
"type": "str",
"choices": ["none", "attacker"]
},
"quarantine_expiry": {
"required": False,
"type": "str"
},
"quarantine_log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"threshold": {
"required": False,
"type": "int"
},
"threshold(default)": {
"required": False,
"type": "int"
}
}
},
"comments": {
"required": False,
"type": "str"
},
"dstaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"interface": {
"required": False,
"type": "str"
},
"policyid": {
"required": True,
"type": "int"
},
"service": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"srcaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wireless_controller_hotspot20_anqp_nai_realm": {
"required": False,
"type": "dict",
"default": None,
"options": {
"nai_list": {
"required": False,
"type": "list",
"options": {
"eap_method": {
"required": False,
"type": "list",
"options": {
"auth_param": {
"required": False,
"type": "str",
"options": {
"id": {
"required":
False,
"type":
"str",
"choices": [
"non-eap-inner-auth",
"inner-auth-eap", "credential",
"tunneled-credential"
]
},
"index": {
"required": True,
"type": "int"
},
"val": {
"required":
False,
"type":
"str",
"choices": [
"eap-identity", "eap-md5",
"eap-tls", "eap-ttls",
"eap-peap", "eap-sim",
"eap-aka", "eap-aka-prime",
"non-eap-pap", "non-eap-chap",
"non-eap-mschap",
"non-eap-mschapv2", "cred-sim",
"cred-usim", "cred-nfc",
"cred-hardware-token",
"cred-softoken",
"cred-certificate",
"cred-user-pwd", "cred-none",
"cred-vendor-specific",
"tun-cred-sim",
"tun-cred-usim",
"tun-cred-nfc",
"tun-cred-hardware-token",
"tun-cred-softoken",
"tun-cred-certificate",
"tun-cred-user-pwd",
"tun-cred-anonymous",
"tun-cred-vendor-specific"
]
}
}
},
"index": {
"required": True,
"type": "int"
},
"method": {
"required":
False,
"type":
"str",
"choices": [
"eap-identity", "eap-md5", "eap-tls",
"eap-ttls", "eap-peap", "eap-sim",
"eap-aka", "eap-aka-prime"
]
}
}
},
"encoding": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"nai_realm": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"vpn_ssl_settings": {
"required": False, "type": "dict", "default": None,
"options": {
"auth_timeout": {"required": False, "type": "int"},
"authentication_rule": {"required": False, "type": "list",
"options": {
"auth": {"required": False, "type": "str",
"choices": ["any", "local", "radius",
"tacacs+", "ldap"]},
"cipher": {"required": False, "type": "str",
"choices": ["any", "high", "medium"]},
"client_cert": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"groups": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"id": {"required": True, "type": "int"},
"portal": {"required": False, "type": "str"},
"realm": {"required": False, "type": "str"},
"source_address": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"source_address_negate": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"source_address6": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"source_address6_negate": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"source_interface": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"users": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}}
}},
"auto_tunnel_static_route": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"banned_cipher": {"required": False, "type": "str",
"choices": ["RSA", "DH", "DHE",
"ECDH", "ECDHE", "DSS",
"ECDSA", "AES", "AESGCM",
"CAMELLIA", "3DES", "SHA1",
"SHA256", "SHA384", "STATIC"]},
"check_referer": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"default_portal": {"required": False, "type": "str"},
"deflate_compression_level": {"required": False, "type": "int"},
"deflate_min_data_size": {"required": False, "type": "int"},
"dns_server1": {"required": False, "type": "str"},
"dns_server2": {"required": False, "type": "str"},
"dns_suffix": {"required": False, "type": "str"},
"dtls_hello_timeout": {"required": False, "type": "int"},
"dtls_tunnel": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"force_two_factor_auth": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"header_x_forwarded_for": {"required": False, "type": "str",
"choices": ["pass", "add", "remove"]},
"http_compression": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"http_only_cookie": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"http_request_body_timeout": {"required": False, "type": "int"},
"http_request_header_timeout": {"required": False, "type": "int"},
"https_redirect": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"idle_timeout": {"required": False, "type": "int"},
"ipv6_dns_server1": {"required": False, "type": "str"},
"ipv6_dns_server2": {"required": False, "type": "str"},
"ipv6_wins_server1": {"required": False, "type": "str"},
"ipv6_wins_server2": {"required": False, "type": "str"},
"login_attempt_limit": {"required": False, "type": "int"},
"login_block_time": {"required": False, "type": "int"},
"login_timeout": {"required": False, "type": "int"},
"port": {"required": False, "type": "int"},
"port_precedence": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"reqclientcert": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"route_source_interface": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"servercert": {"required": False, "type": "str"},
"source_address": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"source_address_negate": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"source_address6": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"source_address6_negate": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"source_interface": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"ssl_client_renegotiation": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"ssl_insert_empty_fragment": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"tlsv1_0": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"tlsv1_1": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"tlsv1_2": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"tunnel_ip_pools": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"tunnel_ipv6_pools": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"unsafe_legacy_renegotiation": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"url_obscuration": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"wins_server1": {"required": False, "type": "str"},
"wins_server2": {"required": False, "type": "str"},
"x_content_type_options": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_vpn_ssl(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_vpn_ssl(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"user_device": {
"required": False,
"type": "dict",
"default": None,
"options": {
"alias": {
"required": True,
"type": "str"
},
"avatar": {
"required": False,
"type": "str"
},
"category": {
"required":
False,
"type":
"str",
"choices": [
"none", "amazon-device", "android-device",
"blackberry-device", "fortinet-device", "ios-device",
"windows-device"
]
},
"comment": {
"required": False,
"type": "str"
},
"mac": {
"required": False,
"type": "str"
},
"master_device": {
"required": False,
"type": "str"
},
"tagging": {
"required": False,
"type": "list",
"options": {
"category": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"tags": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
}
}
},
"type": {
"required":
False,
"type":
"str",
"choices": [
"unknown", "android-phone", "android-tablet",
"blackberry-phone", "blackberry-playbook", "forticam",
"fortifone", "fortinet-device", "gaming-console",
"ip-phone", "ipad", "iphone", "linux-pc", "mac",
"media-streaming", "printer", "router-nat-device",
"windows-pc", "windows-phone", "windows-tablet",
"other-network-device"
]
},
"user": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_user(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_user(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"system_sdn_connector": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"access_key": {
"required": False,
"type": "str"
},
"azure_region": {
"required": False,
"type": "str",
"choices":
["global", "china", "germany", "usgov", "local"]
},
"client_id": {
"required": False,
"type": "str"
},
"client_secret": {
"required": False,
"type": "str"
},
"compartment_id": {
"required": False,
"type": "str"
},
"external_ip": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"gcp_project": {
"required": False,
"type": "str"
},
"key_passwd": {
"required": False,
"type": "str"
},
"login_endpoint": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"nic": {
"required": False,
"type": "list",
"options": {
"ip": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
},
"public_ip": {
"required": False,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
}
}
},
"oci_cert": {
"required": False,
"type": "str"
},
"oci_fingerprint": {
"required": False,
"type": "str"
},
"oci_region": {
"required": False,
"type": "str",
"choices": ["phoenix", "ashburn", "frankfurt", "london"]
},
"password": {
"required": False,
"type": "str"
},
"private_key": {
"required": False,
"type": "str"
},
"region": {
"required": False,
"type": "str"
},
"resource_group": {
"required": False,
"type": "str"
},
"resource_url": {
"required": False,
"type": "str"
},
"route": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"route_table": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
},
"route": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
},
"next_hop": {
"required": False,
"type": "str"
}
}
}
}
},
"secret_key": {
"required": False,
"type": "str"
},
"server": {
"required": False,
"type": "str"
},
"server_port": {
"required": False,
"type": "int"
},
"service_account": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"subscription_id": {
"required": False,
"type": "str"
},
"tenant_id": {
"required": False,
"type": "str"
},
"type": {
"required":
False,
"type":
"str",
"choices": [
"aci", "aws", "azure", "gcp", "nsx", "nuage", "oci",
"openstack"
]
},
"update_interval": {
"required": False,
"type": "int"
},
"use_metadata_iam": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"user_id": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"vpc_id": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wireless_controller_ble_profile": {
"required": False,
"type": "dict",
"default": None,
"options": {
"advertising": {
"required": False,
"type": "str",
"choices": ["ibeacon", "eddystone-uid", "eddystone-url"]
},
"beacon_interval": {
"required": False,
"type": "int"
},
"ble_scanning": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"comment": {
"required": False,
"type": "str"
},
"eddystone_instance": {
"required": False,
"type": "str"
},
"eddystone_namespace": {
"required": False,
"type": "str"
},
"eddystone_url": {
"required": False,
"type": "str"
},
"eddystone_url_encode_hex": {
"required": False,
"type": "str"
},
"ibeacon_uuid": {
"required": False,
"type": "str"
},
"major_id": {
"required": False,
"type": "int"
},
"minor_id": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"txpower": {
"required":
False,
"type":
"str",
"choices": [
"0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10",
"11", "12"
]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_dns": {
"required": False,
"type": "dict",
"default": None,
"options": {
"cache_notfound_responses": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"dns_cache_limit": {
"required": False,
"type": "int"
},
"dns_cache_ttl": {
"required": False,
"type": "int"
},
"domain": {
"required": False,
"type": "list",
"options": {
"domain": {
"required": True,
"type": "str"
}
}
},
"ip6_primary": {
"required": False,
"type": "str"
},
"ip6_secondary": {
"required": False,
"type": "str"
},
"primary": {
"required": False,
"type": "str"
},
"retry": {
"required": False,
"type": "int"
},
"secondary": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
},
"timeout": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"system_dhcp_server": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"auto_configuration": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"conflicted_ip_timeout": {"required": False, "type": "int"},
"ddns_auth": {"required": False, "type": "str",
"choices": ["disable", "tsig"]},
"ddns_key": {"required": False, "type": "str"},
"ddns_keyname": {"required": False, "type": "str"},
"ddns_server_ip": {"required": False, "type": "str"},
"ddns_ttl": {"required": False, "type": "int"},
"ddns_update": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"ddns_update_override": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"ddns_zone": {"required": False, "type": "str"},
"default_gateway": {"required": False, "type": "str"},
"dns_server1": {"required": False, "type": "str"},
"dns_server2": {"required": False, "type": "str"},
"dns_server3": {"required": False, "type": "str"},
"dns_service": {"required": False, "type": "str",
"choices": ["local", "default", "specify"]},
"domain": {"required": False, "type": "str"},
"exclude_range": {"required": False, "type": "list",
"options": {
"end_ip": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"start_ip": {"required": False, "type": "str"}
}},
"filename": {"required": False, "type": "str"},
"forticlient_on_net_status": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"id": {"required": True, "type": "int"},
"interface": {"required": False, "type": "str"},
"ip_mode": {"required": False, "type": "str",
"choices": ["range", "usrgrp"]},
"ip_range": {"required": False, "type": "list",
"options": {
"end_ip": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"start_ip": {"required": False, "type": "str"}
}},
"ipsec_lease_hold": {"required": False, "type": "int"},
"lease_time": {"required": False, "type": "int"},
"mac_acl_default_action": {"required": False, "type": "str",
"choices": ["assign", "block"]},
"netmask": {"required": False, "type": "str"},
"next_server": {"required": False, "type": "str"},
"ntp_server1": {"required": False, "type": "str"},
"ntp_server2": {"required": False, "type": "str"},
"ntp_server3": {"required": False, "type": "str"},
"ntp_service": {"required": False, "type": "str",
"choices": ["local", "default", "specify"]},
"options": {"required": False, "type": "list",
"options": {
"code": {"required": False, "type": "int"},
"id": {"required": True, "type": "int"},
"ip": {"required": False, "type": "str"},
"type": {"required": False, "type": "str",
"choices": ["hex", "string", "ip",
"fqdn"]},
"value": {"required": False, "type": "str"}
}},
"reserved_address": {"required": False, "type": "list",
"options": {
"action": {"required": False, "type": "str",
"choices": ["assign", "block", "reserved"]},
"description": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"ip": {"required": False, "type": "str"},
"mac": {"required": False, "type": "str"}
}},
"server_type": {"required": False, "type": "str",
"choices": ["regular", "ipsec"]},
"status": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"tftp_server": {"required": False, "type": "list",
"options": {
"tftp_server": {"required": False, "type": "str"}
}},
"timezone": {"required": False, "type": "str",
"choices": ["01", "02", "03",
"04", "05", "81",
"06", "07", "08",
"09", "10", "11",
"12", "13", "74",
"14", "77", "15",
"87", "16", "17",
"18", "19", "20",
"75", "21", "22",
"23", "24", "80",
"79", "25", "26",
"27", "28", "78",
"29", "30", "31",
"32", "33", "34",
"35", "36", "37",
"38", "83", "84",
"40", "85", "41",
"42", "43", "39",
"44", "46", "47",
"51", "48", "45",
"49", "50", "52",
"53", "54", "55",
"56", "57", "58",
"59", "60", "62",
"63", "61", "64",
"65", "66", "67",
"68", "69", "70",
"71", "72", "00",
"82", "73", "86",
"76"]},
"timezone_option": {"required": False, "type": "str",
"choices": ["disable", "default", "specify"]},
"vci_match": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"vci_string": {"required": False, "type": "list",
"options": {
"vci_string": {"required": False, "type": "str"}
}},
"wifi_ac1": {"required": False, "type": "str"},
"wifi_ac2": {"required": False, "type": "str"},
"wifi_ac3": {"required": False, "type": "str"},
"wins_server1": {"required": False, "type": "str"},
"wins_server2": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_dhcp(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_dhcp(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"user_local": {
"required": False,
"type": "dict",
"default": None,
"options": {
"auth_concurrent_override": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"auth_concurrent_value": {
"required": False,
"type": "int"
},
"authtimeout": {
"required": False,
"type": "int"
},
"email_to": {
"required": False,
"type": "str"
},
"fortitoken": {
"required": False,
"type": "str"
},
"id": {
"required": False,
"type": "int"
},
"ldap_server": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"passwd": {
"required": False,
"type": "str"
},
"passwd_policy": {
"required": False,
"type": "str"
},
"passwd_time": {
"required": False,
"type": "str"
},
"ppk_identity": {
"required": False,
"type": "str"
},
"ppk_secret": {
"required": False,
"type": "str"
},
"radius_server": {
"required": False,
"type": "str"
},
"sms_custom_server": {
"required": False,
"type": "str"
},
"sms_phone": {
"required": False,
"type": "str"
},
"sms_server": {
"required": False,
"type": "str",
"choices": ["fortiguard", "custom"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"two_factor": {
"required": False,
"type": "str",
"choices": ["disable", "fortitoken", "email", "sms"]
},
"type": {
"required": False,
"type": "str",
"choices": ["password", "radius", "tacacs+", "ldap"]
},
"workstation": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_user(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_user(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"log_fortiguard_filter": {
"required": False, "type": "dict", "default": None,
"options": {
"anomaly": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"dlp_archive": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"dns": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"filter": {"required": False, "type": "str"},
"filter_type": {"required": False, "type": "str",
"choices": ["include", "exclude"]},
"forward_traffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"gtp": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"local_traffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"multicast_traffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"netscan_discovery": {"required": False, "type": "str"},
"netscan_vulnerability": {"required": False, "type": "str"},
"severity": {"required": False, "type": "str",
"choices": ["emergency", "alert", "critical",
"error", "warning", "notification",
"information", "debug"]},
"sniffer_traffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"ssh": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"voip": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_fortiguard(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_fortiguard(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_proxy_address": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"case_sensitivity": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"category": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
}
}
},
"color": {
"required": False,
"type": "int"
},
"comment": {
"required": False,
"type": "str"
},
"header": {
"required": False,
"type": "str"
},
"header_group": {
"required": False,
"type": "list",
"options": {
"case_sensitivity": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"header": {
"required": False,
"type": "str"
},
"header_name": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
}
}
},
"header_name": {
"required": False,
"type": "str"
},
"host": {
"required": False,
"type": "str"
},
"host_regex": {
"required": False,
"type": "str"
},
"method": {
"required":
False,
"type":
"str",
"choices": [
"get", "post", "put", "head", "connect", "trace",
"options", "delete"
]
},
"name": {
"required": True,
"type": "str"
},
"path": {
"required": False,
"type": "str"
},
"query": {
"required": False,
"type": "str"
},
"referrer": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tagging": {
"required": False,
"type": "list",
"options": {
"category": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"tags": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
}
}
},
"type": {
"required":
False,
"type":
"str",
"choices": [
"host-regex", "url", "category", "method", "ua",
"header", "src-advanced", "dst-advanced"
]
},
"ua": {
"required": False,
"type": "str",
"choices": ["chrome", "ms", "firefox", "safari", "other"]
},
"uuid": {
"required": False,
"type": "str"
},
"visibility": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_snmp_user": {
"required": False,
"type": "dict",
"default": None,
"options": {
"auth_proto": {
"required": False,
"type": "str",
"choices": ["md5", "sha"]
},
"auth_pwd": {
"required": False,
"type": "str"
},
"events": {
"required":
False,
"type":
"list",
"choices": [
"cpu-high", "mem-low", "log-full", "intf-ip",
"vpn-tun-up", "vpn-tun-down", "ha-switch",
"ha-hb-failure", "ips-signature", "ips-anomaly",
"av-virus", "av-oversize", "av-pattern",
"av-fragmented", "fm-if-change", "fm-conf-change",
"bgp-established", "bgp-backward-transition",
"ha-member-up", "ha-member-down", "ent-conf-change",
"av-conserve", "av-bypass", "av-oversize-passed",
"av-oversize-blocked", "ips-pkg-update",
"ips-fail-open", "faz-disconnect", "wc-ap-up",
"wc-ap-down", "fswctl-session-up",
"fswctl-session-down", "load-balance-real-server-down",
"device-new", "per-cpu-high"
]
},
"ha_direct": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": True,
"type": "str"
},
"notify_hosts": {
"required": False,
"type": "list"
},
"notify_hosts6": {
"required": False,
"type": "list"
},
"priv_proto": {
"required": False,
"type": "str",
"choices": ["aes", "des", "aes256", "aes256cisco"]
},
"priv_pwd": {
"required": False,
"type": "str"
},
"queries": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"query_port": {
"required": False,
"type": "int"
},
"security_level": {
"required": False,
"type": "str",
"choices":
["no-auth-no-priv", "auth-no-priv", "auth-priv"]
},
"source_ip": {
"required": False,
"type": "str"
},
"source_ipv6": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"trap_lport": {
"required": False,
"type": "int"
},
"trap_rport": {
"required": False,
"type": "int"
},
"trap_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_snmp(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_snmp(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"log_eventfilter": {
"required": False,
"type": "dict",
"default": None,
"options": {
"compliance_check": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"endpoint": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"event": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ha": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"router": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"security_rating": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"system": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"user": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"vpn": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"wan_opt": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"wireless_activity": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"ssh_filter_profile": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"block": {"required": False, "type": "str",
"choices": ["x11", "shell", "exec",
"port-forward", "tun-forward", "sftp",
"unknown"]},
"default_command_log": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"log": {"required": False, "type": "str",
"choices": ["x11", "shell", "exec",
"port-forward", "tun-forward", "sftp",
"unknown"]},
"name": {"required": True, "type": "str"},
"shell_commands": {"required": False, "type": "list",
"options": {
"action": {"required": False, "type": "str",
"choices": ["block", "allow"]},
"alert": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"id": {"required": True, "type": "int"},
"log": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"pattern": {"required": False, "type": "str"},
"severity": {"required": False, "type": "str",
"choices": ["low", "medium", "high",
"critical"]},
"type": {"required": False, "type": "str",
"choices": ["simple", "regex"]}
}}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_ssh_filter(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_ssh_filter(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"web_proxy_url_match": {
"required": False,
"type": "dict",
"default": None,
"options": {
"cache_exemption": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"comment": {
"required": False,
"type": "str"
},
"forward_server": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"url_pattern": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_web_proxy(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_web_proxy(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"user_peer": {
"required": False, "type": "dict", "default": None,
"options": {
"ca": {"required": False, "type": "str"},
"cn": {"required": False, "type": "str"},
"cn_type": {"required": False, "type": "str",
"choices": ["string", "email", "FQDN",
"ipv4", "ipv6"]},
"ldap_mode": {"required": False, "type": "str",
"choices": ["password", "principal-name"]},
"ldap_password": {"required": False, "type": "str"},
"ldap_server": {"required": False, "type": "str"},
"ldap_username": {"required": False, "type": "str"},
"mandatory_ca_verify": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"name": {"required": True, "type": "str"},
"ocsp_override_server": {"required": False, "type": "str"},
"passwd": {"required": False, "type": "str"},
"subject": {"required": False, "type": "str"},
"two_factor": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_user(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_user(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
