fortios_config – Manage config on Fortinet FortiOS firewall devices

New in version 2.3.

Synopsis

• This module provides management of FortiOS Devices configuration.

Parameters

Parameter	Choices/Defaults	Comments
backup boolean	Choices: no ← yes	This argument will cause the module to create a backup of the current running-config from the remote device before any changes are made. The backup file is written to the i(backup) folder.
backup_filename -		Specifies the backup filename. If omitted filename will be formatted like HOST_config.YYYY-MM-DD@HH:MM:SS
backup_path -		Specifies where to store backup files. Required if backup=yes.
config_file - added in 2.4		Path to configuration file. Required when file_mode is True.
file_mode boolean added in 2.4	Choices: no ← yes	Don't connect to any device, only use config_file as input and Output.
filter -	Default: ""	Only for partial backup, you can restrict by giving expected configuration path (ex. firewall address).
host -		Specifies the DNS hostname or IP address for connecting to the remote fortios device. Required when file_mode is False.
password -		Specifies the password used to authenticate to the remote device. Required when file_mode is True.
src -		The src argument provides a path to the configuration template to load into the remote device.
timeout -	Default: 60	Timeout in seconds for connecting to the remote device.
username -		Configures the username used to authenticate to the remote device. Required when file_mode is True.
vdom -		Specifies on which vdom to apply configuration

Notes

Note

• This module requires pyFG python library

Examples

- name: Backup current config
  fortios_config:
    host: 192.168.0.254
    username: admin
    password: password
    backup: yes

- name: Backup only address objects
  fortios_config:
    host: 192.168.0.254
    username: admin
    password: password
    backup: yes
    backup_path: /tmp/forti_backup/
    filter: "firewall address"

- name: Update configuration from file
  fortios_config:
    host: 192.168.0.254
    username: admin
    password: password
    src: new_configuration.conf.j2

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
change_string string	only if config changed	The commands really executed by the module
running_config string	always	full config string

Status

• This module is not guaranteed to have a backwards compatible interface. [preview]
• This module is maintained by the Ansible Community. [community]

Authors

• Benjamin Jolivot (@bjolivot)

Hint

If you notice any issues in this documentation you can edit this document to improve it.