community.fortios.fmgr_fwpol_package – Manages FortiManager Firewall Policies Packages.
Note
This plugin is part of the community.fortios collection (version 1.0.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install community.fortios.
To use it in a playbook, specify: community.fortios.fmgr_fwpol_package.
Synopsis
Manages FortiManager Firewall Policies Packages. Policy Packages contain one or more Firewall Policies/Rules and are distritbuted via FortiManager to Fortigates.
This module controls the creation/edit/delete/assign of these packages.
Parameters
Parameter |
Comments |
|---|---|
The ADOM the configuration should belong to. Default: “root” |
|
Central NAT setting. Choices:
|
|
Implicit Log setting for all IPv6 policies in package. Choices:
|
|
Implicit Log setting for all IPv4 policies in package. Choices:
|
|
Inspection mode setting for the policies flow or proxy. Choices:
|
|
Sets one of three modes for managing the object. Choices:
|
|
Name of the FortiManager package or folder. |
|
NGFW mode setting for the policies flow or proxy. Choices:
|
|
Are we managing packages or folders, or installing packages? Choices:
|
|
Name of the folder you want to put the package into. |
|
The parent folder name you want to add this object under. |
|
The devices or scope that you want to assign this policy package to. |
|
The members VDOM you want to assign the package to. Default: “root” |
|
if policy-based ngfw-mode, refer to firewall ssl-ssh-profile. |
Notes
Note
Full Documentation at https://ftnt-ansible-docs.readthedocs.io/en/latest/.
Examples
- name: CREATE BASIC POLICY PACKAGE
community.fortios.fmgr_fwpol_package:
adom: "ansible"
mode: "add"
name: "testPackage"
object_type: "pkg"
- name: ADD PACKAGE WITH TARGETS
community.fortios.fmgr_fwpol_package:
mode: "add"
adom: "ansible"
name: "ansibleTestPackage1"
object_type: "pkg"
inspection_mode: "flow"
ngfw_mode: "profile-based"
scope_members: "seattle-fgt02, seattle-fgt03"
- name: ADD FOLDER
community.fortios.fmgr_fwpol_package:
mode: "add"
adom: "ansible"
name: "ansibleTestFolder1"
object_type: "folder"
- name: ADD PACKAGE INTO PARENT FOLDER
community.fortios.fmgr_fwpol_package:
mode: "set"
adom: "ansible"
name: "ansibleTestPackage2"
object_type: "pkg"
parent_folder: "ansibleTestFolder1"
- name: ADD FOLDER INTO PARENT FOLDER
community.fortios.fmgr_fwpol_package:
mode: "set"
adom: "ansible"
name: "ansibleTestFolder2"
object_type: "folder"
parent_folder: "ansibleTestFolder1"
- name: INSTALL PACKAGE
community.fortios.fmgr_fwpol_package:
mode: "set"
adom: "ansible"
name: "ansibleTestPackage1"
object_type: "install"
scope_members: "seattle-fgt03, seattle-fgt02"
- name: REMOVE PACKAGE
community.fortios.fmgr_fwpol_package:
mode: "delete"
adom: "ansible"
name: "ansibleTestPackage1"
object_type: "pkg"
- name: REMOVE NESTED PACKAGE
community.fortios.fmgr_fwpol_package:
mode: "delete"
adom: "ansible"
name: "ansibleTestPackage2"
object_type: "pkg"
parent_folder: "ansibleTestFolder1"
- name: REMOVE NESTED FOLDER
community.fortios.fmgr_fwpol_package:
mode: "delete"
adom: "ansible"
name: "ansibleTestFolder2"
object_type: "folder"
parent_folder: "ansibleTestFolder1"
- name: REMOVE FOLDER
community.fortios.fmgr_fwpol_package:
mode: "delete"
adom: "ansible"
name: "ansibleTestFolder1"
object_type: "folder"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
full API response, includes status code and message Returned: always |
Authors
Luke Weighall (@lweighall)
Andrew Welsh (@Ghilli3)
Jim Huber (@p4r4n0y1ng)