community.fortios.fmgr_device_provision_template – Manages Device Provisioning Templates in FortiManager.
Note
This plugin is part of the community.fortios collection (version 1.0.0).
To install it use: ansible-galaxy collection install community.fortios
.
To use it in a playbook, specify: community.fortios.fmgr_device_provision_template
.
Synopsis
- Allows the editing and assignment of device provisioning templates in FortiManager.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
admin_enable_fortiguard string |
| Enables FortiGuard security updates to their default settings. |
admin_fortianalyzer_target string | Configures faz target. | |
admin_fortiguard_target string | Configures fortiguard target. admin_enable_fortiguard must be set to "direct". | |
admin_gui_theme string |
| Changes the admin gui theme. |
admin_http_port string | Non-SSL admin gui port number. | |
admin_https_port string | SSL admin gui port number. | |
admin_https_redirect string |
| Enables or disables https redirect from http. |
admin_language string |
| Sets the admin gui language. |
admin_switch_controller string |
| Enables or disables the switch controller. |
admin_timeout string | Admin timeout in minutes. | |
adom string / required | The ADOM the configuration should belong to. | |
delete_provisioning_template string | If specified, all other options are ignored. The specified provisioning template will be deleted. | |
device_unique_name string / required | The unique device's name that you are editing. | |
dns_primary_ipv4 string | primary ipv4 dns forwarder. | |
dns_secondary_ipv4 string | secondary ipv4 dns forwarder. | |
dns_suffix string | Sets the local dns domain suffix. | |
mode string |
| Sets one of three modes for managing the object. Allows use of soft-adds instead of overwriting existing values. |
ntp_auth string |
| Enables or disables ntp authentication. |
ntp_auth_pwd string | Sets the ntp auth password. | |
ntp_server string | Only used with custom ntp_type -- specifies IP of server to sync to -- comma separated ip addresses for multiples. | |
ntp_status string |
| Enables or disables ntp. |
ntp_sync_interval string | Sets the interval in minutes for ntp sync. | |
ntp_type string |
| Enables fortiguard servers or custom servers are the ntp source. |
ntp_v3 string |
| Enables or disables ntpv3 (default is ntpv4). |
provision_targets string / required | The friendly names of devices in FortiManager to assign the provisioning template to. CSV separated list. | |
provisioning_template string / required | The provisioning template you want to apply (default = default). | |
smtp_conn_sec string |
| defines the ssl level for smtp. |
smtp_password string | SMTP password. | |
smtp_port string | SMTP port number. | |
smtp_replyto string | SMTP reply to address. | |
smtp_server string | SMTP server ipv4 address. | |
smtp_source_ipv4 string | SMTP source ip address. | |
smtp_username string | SMTP auth username. | |
smtp_validate_cert string |
| Enables or disables valid certificate checking for smtp. |
snmp_status string |
| Enables or disables SNMP globally. |
snmp_v2c_id string | Primary key for the snmp community. this must be unique! | |
snmp_v2c_name string | Specifies the v2c community name. | |
snmp_v2c_query_hosts_ipv4 string | - IPv4 addresses or subnets that are allowed to query SNMP v2c, comma separated ("10.7.220.59 255.255.255.0, 10.7.220.0 255.255.255.0"). | |
snmp_v2c_query_port string | Sets the snmp v2c community query port. | |
snmp_v2c_query_status string |
| Enables or disables the v2c community specified for queries. |
snmp_v2c_status string |
| Enables or disables the v2c community specified. |
snmp_v2c_trap_hosts_ipv4 string | - IPv4 addresses of the hosts that should get SNMP v2c traps, comma separated, must include mask ("10.7.220.59 255.255.255.255, 10.7.220.60 255.255.255.255"). | |
snmp_v2c_trap_port string | Sets the snmp v2c community trap port. | |
snmp_v2c_trap_src_ipv4 string | Source ip the traps should come from IPv4. | |
snmp_v2c_trap_status string |
| Enables or disables the v2c community specified for traps. |
snmpv3_auth_proto string |
| SNMPv3 auth protocol. |
snmpv3_auth_pwd string | SNMPv3 auth pwd __ currently not encrypted! ensure this file is locked down permissions wise! | |
snmpv3_name string | SNMPv3 user name. | |
snmpv3_notify_hosts string | List of ipv4 hosts to send snmpv3 traps to. Comma separated IPv4 list. | |
snmpv3_priv_proto string |
| SNMPv3 priv protocol. |
snmpv3_priv_pwd string | SNMPv3 priv pwd currently not encrypted! ensure this file is locked down permissions wise! | |
snmpv3_queries string |
| Allow snmpv3_queries. |
snmpv3_query_port string | SNMPv3 query port. | |
snmpv3_security_level string |
| SNMPv3 security level. |
snmpv3_source_ip string | SNMPv3 source ipv4 address for traps. | |
snmpv3_status string |
| SNMPv3 user is enabled or disabled. |
snmpv3_trap_rport string | SNMPv3 trap remote port. | |
snmpv3_trap_status string |
| SNMPv3 traps is enabled or disabled. |
syslog_certificate string | Certificate used to communicate with Syslog server if encryption on. | |
syslog_enc_algorithm string |
| Enable/disable reliable syslogging with TLS encryption. choice | high | SSL communication with high encryption algorithms. choice | low | SSL communication with low encryption algorithms. choice | disable | Disable SSL communication. choice | high-medium | SSL communication with high and medium encryption algorithms. |
syslog_facility string |
| Remote syslog facility. choice | kernel | Kernel messages. choice | user | Random user-level messages. choice | mail | Mail system. choice | daemon | System daemons. choice | auth | Security/authorization messages. choice | syslog | Messages generated internally by syslog. choice | lpr | Line printer subsystem. choice | news | Network news subsystem. choice | uucp | Network news subsystem. choice | cron | Clock daemon. choice | authpriv | Security/authorization messages (private). choice | ftp | FTP daemon. choice | ntp | NTP daemon. choice | audit | Log audit. choice | alert | Log alert. choice | clock | Clock daemon. choice | local0 | Reserved for local use. choice | local1 | Reserved for local use. choice | local2 | Reserved for local use. choice | local3 | Reserved for local use. choice | local4 | Reserved for local use. choice | local5 | Reserved for local use. choice | local6 | Reserved for local use. choice | local7 | Reserved for local use. |
syslog_filter string |
| Sets the logging level for syslog. |
syslog_mode string |
| Remote syslog logging over UDP/Reliable TCP. choice | udp | Enable syslogging over UDP. choice | legacy-reliable | Enable legacy reliable syslogging by RFC3195 (Reliable Delivery for Syslog). choice | reliable | Enable reliable syslogging by RFC6587 (Transmission of Syslog Messages over TCP). |
syslog_port string | Syslog port that will be set. | |
syslog_server string | Server the syslogs will be sent to. | |
syslog_status string |
| Enables or disables syslogs. |
Notes
Note
- Full Documentation at https://ftnt-ansible-docs.readthedocs.io/en/latest/.
Examples
- name: SET SNMP SYSTEM INFO community.fortios.fmgr_device_provision_template: provisioning_template: "default" snmp_status: "enable" mode: "set" - name: SET SNMP SYSTEM INFO ANSIBLE ADOM community.fortios.fmgr_device_provision_template: provisioning_template: "default" snmp_status: "enable" mode: "set" adom: "ansible" - name: SET SNMP SYSTEM INFO different template (SNMPv2) community.fortios.fmgr_device_provision_template: provisioning_template: "ansibleTest" snmp_status: "enable" mode: "set" adom: "ansible" snmp_v2c_query_port: "162" snmp_v2c_trap_port: "161" snmp_v2c_status: "enable" snmp_v2c_trap_status: "enable" snmp_v2c_query_status: "enable" snmp_v2c_name: "ansibleV2c" snmp_v2c_id: "1" snmp_v2c_trap_src_ipv4: "10.7.220.41" snmp_v2c_trap_hosts_ipv4: "10.7.220.59 255.255.255.255, 10.7.220.60 255.255.255.255" snmp_v2c_query_hosts_ipv4: "10.7.220.59 255.255.255.255, 10.7.220.0 255.255.255.0" - name: SET SNMP SYSTEM INFO different template (SNMPv3) community.fortios.fmgr_device_provision_template: provisioning_template: "ansibleTest" snmp_status: "enable" mode: "set" adom: "ansible" snmpv3_auth_proto: "sha" snmpv3_auth_pwd: "fortinet" snmpv3_name: "ansibleSNMPv3" snmpv3_notify_hosts: "10.7.220.59,10.7.220.60" snmpv3_priv_proto: "aes256" snmpv3_priv_pwd: "fortinet" snmpv3_queries: "enable" snmpv3_query_port: "161" snmpv3_security_level: "auth_priv" snmpv3_source_ip: "0.0.0.0" snmpv3_status: "enable" snmpv3_trap_rport: "162" snmpv3_trap_status: "enable" - name: SET SYSLOG INFO community.fortios.fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" syslog_server: "10.7.220.59" syslog_port: "514" syslog_mode: "disable" syslog_status: "enable" syslog_filter: "information" - name: SET NTP TO FORTIGUARD community.fortios.fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" ntp_status: "enable" ntp_sync_interval: "60" type: "fortiguard" - name: SET NTP TO CUSTOM SERVER community.fortios.fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" ntp_status: "enable" ntp_sync_interval: "60" ntp_type: "custom" ntp_server: "10.7.220.32,10.7.220.1" ntp_auth: "enable" ntp_auth_pwd: "fortinet" ntp_v3: "disable" - name: SET ADMIN GLOBAL SETTINGS community.fortios.fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" admin_https_redirect: "enable" admin_https_port: "4433" admin_http_port: "8080" admin_timeout: "30" admin_language: "english" admin_switch_controller: "enable" admin_gui_theme: "blue" admin_enable_fortiguard: "direct" admin_fortiguard_target: "10.7.220.128" admin_fortianalyzer_target: "10.7.220.61" - name: SET CUSTOM SMTP SERVER community.fortios.fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" smtp_username: "ansible" smtp_password: "fortinet" smtp_port: "25" smtp_replyto: "[email protected]" smtp_conn_sec: "starttls" smtp_server: "10.7.220.32" smtp_source_ipv4: "0.0.0.0" smtp_validate_cert: "disable" - name: SET DNS SERVERS community.fortios.fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" dns_suffix: "ansible.local" dns_primary_ipv4: "8.8.8.8" dns_secondary_ipv4: "4.4.4.4" - name: SET PROVISIONING TEMPLATE DEVICE TARGETS IN FORTIMANAGER community.fortios.fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" provision_targets: "FGT1, FGT2" - name: DELETE ENTIRE PROVISIONING TEMPLATE community.fortios.fmgr_device_provision_template: delete_provisioning_template: "ansibleTest" mode: "delete" adom: "ansible"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
api_result string | always | full API response, includes status code and message |
Authors
- Luke Weighall (@lweighall)
- Andrew Welsh (@Ghilli3)
- Jim Huber (@p4r4n0y1ng)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/community/fortios/fmgr_device_provision_template_module.html