fortinet.fortimanager.fmgr_switchcontroller_managedswitch module – Configure FortiSwitch devices that are managed by this FortiGate.

Note

This module is part of the fortinet.fortimanager collection (version 2.4.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install fortinet.fortimanager.

To use it in a playbook, specify: fortinet.fortimanager.fmgr_switchcontroller_managedswitch.

New in fortinet.fortimanager 2.0.0

Synopsis 

This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.

Parameters 

Parameter	Comments
access_token string	The token to access FortiManager without using username and password.
adom string / required	The parameter (adom) in requested url.
bypass_validation boolean	Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. Choices: `false` ← (default) `true`
enable_log boolean	Enable/Disable logging for task. Choices: `false` ← (default) `true`
forticloud_access_token string	Authenticate Ansible client with forticloud API access token.
proposed_method string	The overridden method for the underlying Json RPC request. Choices: `"update"` `"set"` `"add"`
rc_failed list / elements=integer	The rc codes list with which the conditions to fail will be overriden.
rc_succeeded list / elements=integer	The rc codes list with which the conditions to succeed will be overriden.
state string / required	The directive to create, update or delete an object. Choices: `"present"` `"absent"`
switchcontroller_managedswitch dictionary	The top level parameters set.
_platform string	_Platform.
custom-command list / elements=dictionary	Deprecated, please rename it to custom_command. Custom-Command.
command-entry string	Deprecated, please rename it to command_entry. List of FortiSwitch commands.
command-name string	Deprecated, please rename it to command_name. Names of commands to be pushed to this FortiSwitch device, as config…
description string	Description.
dhcp-server-access-list string	Deprecated, please rename it to dhcp_server_access_list. DHCP snooping server access list. Choices: `"disable"` `"enable"` `"global"`
dhcp-snooping-static-client list / elements=dictionary	Deprecated, please rename it to dhcp_snooping_static_client.
ip string	Client static IP address.
mac string	Client MAC address.
name string	Client name.
port string	Interface name.
vlan string	VLAN name.
firmware-provision string	Deprecated, please rename it to firmware_provision. Enable/disable provisioning of firmware to FortiSwitches on join conne… Choices: `"disable"` `"enable"`
firmware-provision-latest string	Deprecated, please rename it to firmware_provision_latest. Enable/disable one-time automatic provisioning of the latest fi… Choices: `"disable"` `"once"`
firmware-provision-version string	Deprecated, please rename it to firmware_provision_version. Firmware version to provision to this FortiSwitch on bootup
ip-source-guard list / elements=dictionary	Deprecated, please rename it to ip_source_guard.
binding-entry list / elements=dictionary	Deprecated, please rename it to binding_entry.
entry-name string	Deprecated, please rename it to entry_name. Configure binding pair.
ip string	Source IP for this rule.
mac string	MAC address for this rule.
description string	Description.
port string	Ingress interface to which source guard is bound.
l3-discovered integer	Deprecated, please rename it to l3_discovered. L3-Discovered.
mclag-igmp-snooping-aware string	Deprecated, please rename it to mclag_igmp_snooping_aware. Enable/disable MCLAG IGMP-snooping awareness. Choices: `"disable"` `"enable"`
mgmt-mode integer	Deprecated, please rename it to mgmt_mode. FortiLink management mode.
name string / required	Managed-switch name.
override-snmp-community string	Deprecated, please rename it to override_snmp_community. Enable/disable overriding the global SNMP communities. Choices: `"disable"` `"enable"`
override-snmp-sysinfo string	Deprecated, please rename it to override_snmp_sysinfo. Enable/disable overriding the global SNMP system information. Choices: `"disable"` `"enable"`
override-snmp-trap-threshold string	Deprecated, please rename it to override_snmp_trap_threshold. Enable/disable overriding the global SNMP trap threshold values. Choices: `"disable"` `"enable"`
override-snmp-user string	Deprecated, please rename it to override_snmp_user. Enable/disable overriding the global SNMP users. Choices: `"disable"` `"enable"`
poe-detection-type integer	Deprecated, please rename it to poe_detection_type. Poe-Detection-Type.
ports list / elements=dictionary	Ports.
access-mode string	Deprecated, please rename it to access_mode. Access mode of the port. Choices: `"normal"` `"nac"` `"dynamic"` `"static"`
acl-group any	(list) Deprecated, please rename it to acl_group.
aggregator-mode string	Deprecated, please rename it to aggregator_mode. LACP member select mode. Choices: `"bandwidth"` `"count"`
allowed-vlans any	(list or str) Deprecated, please rename it to allowed_vlans. Configure switch port tagged vlans
allowed-vlans-all string	Deprecated, please rename it to allowed_vlans_all. Enable/disable all defined vlans on this port. Choices: `"disable"` `"enable"`
arp-inspection-trust string	Deprecated, please rename it to arp_inspection_trust. Trusted or untrusted dynamic ARP inspection. Choices: `"untrusted"` `"trusted"`
authenticated-port integer	Deprecated, please rename it to authenticated_port.
bundle string	Enable/disable Link Aggregation Group Choices: `"disable"` `"enable"`
description string	Description for port.
dhcp-snoop-option82-override list / elements=dictionary	Deprecated, please rename it to dhcp_snoop_option82_override.
circuit-id string	Deprecated, please rename it to circuit_id. Circuit ID string.
remote-id string	Deprecated, please rename it to remote_id. Remote ID string.
vlan-name string	Deprecated, please rename it to vlan_name. DHCP snooping option 82 VLAN.
dhcp-snoop-option82-trust string	Deprecated, please rename it to dhcp_snoop_option82_trust. Enable/disable allowance of DHCP with option-82 on untr… Choices: `"disable"` `"enable"`
dhcp-snooping string	Deprecated, please rename it to dhcp_snooping. Trusted or untrusted DHCP-snooping interface. Choices: `"trusted"` `"untrusted"`
discard-mode string	Deprecated, please rename it to discard_mode. Configure discard mode for port. Choices: `"none"` `"all-untagged"` `"all-tagged"`
dot1x-enable string	Deprecated, please rename it to dot1x_enable. Choices: `"disable"` `"enable"`
dsl-profile string	Deprecated, please rename it to dsl_profile. DSL policy configuration.
edge-port string	Deprecated, please rename it to edge_port. Enable/disable this interface as an edge port, bridging connections bet… Choices: `"disable"` `"enable"`
encrypted-port integer	Deprecated, please rename it to encrypted_port.
export-to-pool-flag integer	Deprecated, please rename it to export_to_pool_flag. Switch controller export port to pool-list.
fec-capable integer	Deprecated, please rename it to fec_capable. FEC capable.
fec-state string	Deprecated, please rename it to fec_state. State of forward error correction. Choices: `"disabled"` `"cl74"` `"cl91"` `"detect-by-module"`
flap-duration integer	Deprecated, please rename it to flap_duration. Period over which flap events are calculated
flap-rate integer	Deprecated, please rename it to flap_rate. Number of stage change events needed within flap-duration.
flap-timeout integer	Deprecated, please rename it to flap_timeout. Flap guard disabling protection
flapguard string	Enable/disable flap guard. Choices: `"disable"` `"enable"`
flow-control string	Deprecated, please rename it to flow_control. Flow control direction. Choices: `"disable"` `"tx"` `"rx"` `"both"`
fortiswitch-acls any	(list) Deprecated, please rename it to fortiswitch_acls.
igmp-snooping string	Deprecated, please rename it to igmp_snooping. Set IGMP snooping mode for the physical port interface. Choices: `"disable"` `"enable"`
igmp-snooping-flood-reports string	Deprecated, please rename it to igmp_snooping_flood_reports. Enable/disable flooding of IGMP reports to this inter… Choices: `"disable"` `"enable"`
igmps-flood-reports string	Deprecated, please rename it to igmps_flood_reports. Enable/disable flooding of IGMP reports to this interface whe… Choices: `"disable"` `"enable"`
igmps-flood-traffic string	Deprecated, please rename it to igmps_flood_traffic. Enable/disable flooding of IGMP snooping traffic to this inte… Choices: `"disable"` `"enable"`
interface-tags any	(list or str) Deprecated, please rename it to interface_tags.
ip-source-guard string	Deprecated, please rename it to ip_source_guard. Enable/disable IP source guard. Choices: `"disable"` `"enable"`
isl-peer-device-sn string	Deprecated, please rename it to isl_peer_device_sn.
lacp-speed string	Deprecated, please rename it to lacp_speed. End Link Aggregation Control Protocol Choices: `"slow"` `"fast"`
learning-limit integer	Deprecated, please rename it to learning_limit. Limit the number of dynamic MAC addresses on this Port
link-status string	Deprecated, please rename it to link_status. Choices: `"down"` `"up"`
lldp-profile string	Deprecated, please rename it to lldp_profile. LLDP port TLV profile.
lldp-status string	Deprecated, please rename it to lldp_status. LLDP transmit and receive status. Choices: `"disable"` `"rx-only"` `"tx-only"` `"tx-rx"`
loop-guard string	Deprecated, please rename it to loop_guard. Enable/disable loop-guard on this interface, an STP optimization used … Choices: `"disabled"` `"enabled"`
loop-guard-timeout integer	Deprecated, please rename it to loop_guard_timeout. Loop-guard timeout
mac-addr string	Deprecated, please rename it to mac_addr. Port/Trunk MAC.
matched-dpp-intf-tags string	Deprecated, please rename it to matched_dpp_intf_tags. Matched interface tags in the dynamic port policy.
matched-dpp-policy string	Deprecated, please rename it to matched_dpp_policy. Matched child policy in the dynamic port policy.
max-bundle integer	Deprecated, please rename it to max_bundle. Maximum size of LAG bundle
max-miss-heartbeats integer	Deprecated, please rename it to max_miss_heartbeats. Maximum tolerant missed heartbeats.
mcast-snooping-flood-traffic string	Deprecated, please rename it to mcast_snooping_flood_traffic. Enable/disable flooding of IGMP snooping traffic to … Choices: `"disable"` `"enable"`
mclag string	Enable/disable multi-chassis link aggregation Choices: `"disable"` `"enable"`
mclag-icl-port integer	Deprecated, please rename it to mclag_icl_port. Mclag-Icl-Port.
media-type string	Deprecated, please rename it to media_type. Media-Type.
member-withdrawal-behavior string	Deprecated, please rename it to member_withdrawal_behavior. Port behavior after it withdraws because of loss of co… Choices: `"forward"` `"block"`
members any	(list) Aggregated LAG bundle interfaces.
min-bundle integer	Deprecated, please rename it to min_bundle. Minimum size of LAG bundle
mode string	LACP mode Choices: `"static"` `"lacp-passive"` `"lacp-active"`
p2p-port integer	Deprecated, please rename it to p2p_port. P2P-Port.
packet-sample-rate integer	Deprecated, please rename it to packet_sample_rate. Packet sampling rate
packet-sampler string	Deprecated, please rename it to packet_sampler. Enable/disable packet sampling on this interface. Choices: `"disabled"` `"enabled"`
pause-meter integer	Deprecated, please rename it to pause_meter. Configure ingress pause metering rate, in kbps
pause-meter-resume string	Deprecated, please rename it to pause_meter_resume. Resume threshold for resuming traffic on ingress port. Choices: `"25%"` `"50%"` `"75%"`
poe-max-power string	Deprecated, please rename it to poe_max_power.
poe-mode-bt-cabable integer	Deprecated, please rename it to poe_mode_bt_cabable. PoE mode IEEE 802.
poe-port-mode string	Deprecated, please rename it to poe_port_mode. Configure PoE port mode. Choices: `"ieee802-3af"` `"ieee802-3at"` `"ieee802-3bt"`
poe-port-power string	Deprecated, please rename it to poe_port_power. Configure PoE port power. Choices: `"normal"` `"perpetual"` `"perpetual-fast"`
poe-port-priority string	Deprecated, please rename it to poe_port_priority. Configure PoE port priority. Choices: `"critical-priority"` `"high-priority"` `"low-priority"` `"medium-priority"`
poe-pre-standard-detection string	Deprecated, please rename it to poe_pre_standard_detection. Enable/disable PoE pre-standard detection. Choices: `"disable"` `"enable"`
poe-standard string	Deprecated, please rename it to poe_standard.
poe-status string	Deprecated, please rename it to poe_status. Enable/disable PoE status. Choices: `"disable"` `"enable"`
port-name string	Deprecated, please rename it to port_name. Switch port name.
port-owner string	Deprecated, please rename it to port_owner. Switch port name.
port-policy string	Deprecated, please rename it to port_policy. Switch controller dynamic port policy from available options.
port-security-policy string	Deprecated, please rename it to port_security_policy. Switch controller authentication policy to apply to this man…
port-selection-criteria string	Deprecated, please rename it to port_selection_criteria. Algorithm for aggregate port selection. Choices: `"src-mac"` `"dst-mac"` `"src-dst-mac"` `"src-ip"` `"dst-ip"` `"src-dst-ip"`
ptp-status string	Deprecated, please rename it to ptp_status. Enable/disable PTP policy on this FortiSwitch port. Choices: `"disable"` `"enable"`
qos-policy string	Deprecated, please rename it to qos_policy. Switch controller QoS policy from available options.
restricted-auth-port integer	Deprecated, please rename it to restricted_auth_port.
rpvst-port string	Deprecated, please rename it to rpvst_port. Enable/disable inter-operability with rapid PVST on this interface. Choices: `"disabled"` `"enabled"`
sample-direction string	Deprecated, please rename it to sample_direction. SFlow sample direction. Choices: `"rx"` `"tx"` `"both"`
sflow-counter-interval integer	Deprecated, please rename it to sflow_counter_interval. SFlow sampler counter polling interval
sflow-sample-rate integer	Deprecated, please rename it to sflow_sample_rate. SFlow sampler sample rate
sflow-sampler string	Deprecated, please rename it to sflow_sampler. Enable/disable sFlow protocol on this interface. Choices: `"disabled"` `"enabled"`
status string	Switch port admin status Choices: `"down"` `"up"`
sticky-mac string	Deprecated, please rename it to sticky_mac. Enable or disable sticky-mac on the interface. Choices: `"disable"` `"enable"`
storm-control-policy string	Deprecated, please rename it to storm_control_policy. Switch controller storm control policy from available options.
stp-bpdu-guard string	Deprecated, please rename it to stp_bpdu_guard. Enable/disable STP BPDU guard on this interface. Choices: `"disabled"` `"enabled"`
stp-bpdu-guard-timeout integer	Deprecated, please rename it to stp_bpdu_guard_timeout. BPDU Guard disabling protection
stp-root-guard string	Deprecated, please rename it to stp_root_guard. Enable/disable STP root guard on this interface. Choices: `"disabled"` `"enabled"`
stp-state string	Deprecated, please rename it to stp_state. Enable/disable Spanning Tree Protocol Choices: `"disabled"` `"enabled"`
trunk-member integer	Deprecated, please rename it to trunk_member. Trunk member.
type string	Interface type Choices: `"physical"` `"trunk"`
untagged-vlans any	(list or str) Deprecated, please rename it to untagged_vlans. Configure switch port untagged vlans
vlan string	Assign switch ports to a VLAN.
ptp-profile string	Deprecated, please rename it to ptp_profile. PTP profile configuration.
ptp-status string	Deprecated, please rename it to ptp_status. Enable/disable PTP profile on this FortiSwitch. Choices: `"disable"` `"enable"`
purdue-level string	Deprecated, please rename it to purdue_level. Purdue Level of this FortiSwitch. Choices: `"1"` `"2"` `"3"` `"4"` `"5"` `"1.5"` `"2.5"` `"3.5"` `"5.5"`
qos-drop-policy string	Deprecated, please rename it to qos_drop_policy. Set QoS drop-policy. Choices: `"taildrop"` `"random-early-detection"`
qos-red-probability integer	Deprecated, please rename it to qos_red_probability. Set QoS RED/WRED drop probability.
radius-nas-ip string	Deprecated, please rename it to radius_nas_ip. NAS-IP address.
radius-nas-ip-override string	Deprecated, please rename it to radius_nas_ip_override. Use locally defined NAS-IP. Choices: `"disable"` `"enable"`
remote-log list / elements=dictionary	Deprecated, please rename it to remote_log.
csv string	Enable/disable comma-separated value Choices: `"disable"` `"enable"`
facility string	Facility to log to remote syslog server. Choices: `"kernel"` `"user"` `"mail"` `"daemon"` `"auth"` `"syslog"` `"lpr"` `"news"` `"uucp"` `"cron"` `"authpriv"` `"ftp"` `"ntp"` `"audit"` `"alert"` `"clock"` `"local0"` `"local1"` `"local2"` `"local3"` `"local4"` `"local5"` `"local6"` `"local7"`
name string	Remote log name.
port integer	Remote syslog server listening port.
server string	IPv4 address of the remote syslog server.
severity string	Severity of logs to be transferred to remote log server. Choices: `"emergency"` `"alert"` `"critical"` `"error"` `"warning"` `"notification"` `"information"` `"debug"`
status string	Enable/disable logging by FortiSwitch device to a remote syslog server. Choices: `"disable"` `"enable"`
route-offload string	Deprecated, please rename it to route_offload. Enable/disable route offload on this FortiSwitch. Choices: `"disable"` `"enable"`
route-offload-mclag string	Deprecated, please rename it to route_offload_mclag. Enable/disable route offload MCLAG on this FortiSwitch. Choices: `"disable"` `"enable"`
route-offload-router list / elements=dictionary	Deprecated, please rename it to route_offload_router.
router-ip string	Deprecated, please rename it to router_ip. Router IP address.
vlan-name string	Deprecated, please rename it to vlan_name. VLAN name.
snmp-community list / elements=dictionary	Deprecated, please rename it to snmp_community.
events list / elements=string	No description. Choices: `"cpu-high"` `"mem-low"` `"log-full"` `"intf-ip"` `"ent-conf-change"`
hosts list / elements=dictionary	No description.
id integer	Host entry ID.
ip string	IPv4 address of the SNMP manager
id integer	SNMP community ID.
name string	SNMP community name.
query-v1-port integer	Deprecated, please rename it to query_v1_port. SNMP v1 query port
query-v1-status string	Deprecated, please rename it to query_v1_status. Enable/disable SNMP v1 queries. Choices: `"disable"` `"enable"`
query-v2c-port integer	Deprecated, please rename it to query_v2c_port. SNMP v2c query port
query-v2c-status string	Deprecated, please rename it to query_v2c_status. Enable/disable SNMP v2c queries. Choices: `"disable"` `"enable"`
status string	Enable/disable this SNMP community. Choices: `"disable"` `"enable"`
trap-v1-lport integer	Deprecated, please rename it to trap_v1_lport. SNMP v2c trap local port
trap-v1-rport integer	Deprecated, please rename it to trap_v1_rport. SNMP v2c trap remote port
trap-v1-status string	Deprecated, please rename it to trap_v1_status. Enable/disable SNMP v1 traps. Choices: `"disable"` `"enable"`
trap-v2c-lport integer	Deprecated, please rename it to trap_v2c_lport. SNMP v2c trap local port
trap-v2c-rport integer	Deprecated, please rename it to trap_v2c_rport. SNMP v2c trap remote port
trap-v2c-status string	Deprecated, please rename it to trap_v2c_status. Enable/disable SNMP v2c traps. Choices: `"disable"` `"enable"`
snmp-user list / elements=dictionary	Deprecated, please rename it to snmp_user.
auth-proto string	Deprecated, please rename it to auth_proto. Authentication protocol. Choices: `"md5"` `"sha"`
auth-pwd any	(list) Deprecated, please rename it to auth_pwd.
name string	SNMP user name.
priv-proto string	Deprecated, please rename it to priv_proto. Privacy Choices: `"des"` `"aes"`
priv-pwd any	(list) Deprecated, please rename it to priv_pwd.
queries string	Enable/disable SNMP queries for this user. Choices: `"disable"` `"enable"`
query-port integer	Deprecated, please rename it to query_port. SNMPv3 query port
security-level string	Deprecated, please rename it to security_level. Security level for message authentication and encryption. Choices: `"no-auth-no-priv"` `"auth-no-priv"` `"auth-priv"`
switch-dhcp_opt43_key string	Deprecated, please rename it to switch_dhcp_opt43_key. DHCP option43 key.
switch-id string	Deprecated, please rename it to switch_id. Managed-switch id.
tdr-supported string	Deprecated, please rename it to tdr_supported. Tdr-Supported.
tunnel-discovered integer	Deprecated, please rename it to tunnel_discovered.
vlan list / elements=dictionary	No description.
assignment-priority integer	Deprecated, please rename it to assignment_priority. ‘802.’
vlan-name string	Deprecated, please rename it to vlan_name. VLAN name.
workspace_locking_adom string	The adom to lock for FortiManager running in workspace mode, the value can be global and others including root.
workspace_locking_timeout integer	The maximum time in seconds to wait for other user to release the workspace lock. Default: `300`

Notes 

Note

Starting in version 2.4.0, all input arguments are named using the underscore naming convention (snake_case). Please change the arguments such as “var-name” to “var_name”. Old argument names are still available yet you will receive deprecation warnings. You can ignore this warning by setting deprecation_warnings=False in ansible.cfg.
Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
To create or update an object, use state present directive.
To delete an object, use state absent directive.
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded

Examples 

- name: Example playbook (generated based on argument schema)
  hosts: fortimanagers
  connection: httpapi
  vars:
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: false
    ansible_httpapi_port: 443
  tasks:
    - name: Configure FortiSwitch devices that are managed by this FortiGate.
      fortinet.fortimanager.fmgr_switchcontroller_managedswitch:
        # bypass_validation: false
        workspace_locking_adom: <value in [global, custom adom including root]>
        workspace_locking_timeout: 300
        # rc_succeeded: [0, -2, -3, ...]
        # rc_failed: [-2, -3, ...]
        adom: <your own value>
        state: present # <value in [present, absent]>
        switchcontroller_managedswitch:
          _platform: <string>
          description: <string>
          name: <string>
          ports:
            -
              allowed_vlans: <list or string>
              allowed_vlans_all: <value in [disable, enable]>
              arp_inspection_trust: <value in [untrusted, trusted]>
              bundle: <value in [disable, enable]>
              description: <string>
              dhcp_snoop_option82_trust: <value in [disable, enable]>
              dhcp_snooping: <value in [trusted, untrusted]>
              discard_mode: <value in [none, all-untagged, all-tagged]>
              edge_port: <value in [disable, enable]>
              igmp_snooping: <value in [disable, enable]>
              igmps_flood_reports: <value in [disable, enable]>
              igmps_flood_traffic: <value in [disable, enable]>
              lacp_speed: <value in [slow, fast]>
              learning_limit: <integer>
              lldp_profile: <string>
              lldp_status: <value in [disable, rx-only, tx-only, ...]>
              loop_guard: <value in [disabled, enabled]>
              loop_guard_timeout: <integer>
              max_bundle: <integer>
              mclag: <value in [disable, enable]>
              member_withdrawal_behavior: <value in [forward, block]>
              members: <list or string>
              min_bundle: <integer>
              mode: <value in [static, lacp-passive, lacp-active]>
              poe_pre_standard_detection: <value in [disable, enable]>
              poe_status: <value in [disable, enable]>
              port_name: <string>
              port_owner: <string>
              port_security_policy: <string>
              port_selection_criteria: <value in [src-mac, dst-mac, src-dst-mac, ...]>
              qos_policy: <string>
              sample_direction: <value in [rx, tx, both]>
              sflow_counter_interval: <integer>
              sflow_sample_rate: <integer>
              sflow_sampler: <value in [disabled, enabled]>
              stp_bpdu_guard: <value in [disabled, enabled]>
              stp_bpdu_guard_timeout: <integer>
              stp_root_guard: <value in [disabled, enabled]>
              stp_state: <value in [disabled, enabled]>
              type: <value in [physical, trunk]>
              untagged_vlans: <list or string>
              vlan: <string>
              export_to_pool_flag: <integer>
              mac_addr: <string>
              packet_sample_rate: <integer>
              packet_sampler: <value in [disabled, enabled]>
              sticky_mac: <value in [disable, enable]>
              storm_control_policy: <string>
              dot1x_enable: <value in [disable, enable]>
              max_miss_heartbeats: <integer>
              access_mode: <value in [normal, nac, dynamic, ...]>
              ip_source_guard: <value in [disable, enable]>
              mclag_icl_port: <integer>
              p2p_port: <integer>
              aggregator_mode: <value in [bandwidth, count]>
              rpvst_port: <value in [disabled, enabled]>
              flow_control: <value in [disable, tx, rx, ...]>
              media_type: <string>
              pause_meter: <integer>
              pause_meter_resume: <value in [25%, 50%, 75%]>
              trunk_member: <integer>
              fec_capable: <integer>
              fec_state: <value in [disabled, cl74, cl91, ...]>
              matched_dpp_intf_tags: <string>
              matched_dpp_policy: <string>
              port_policy: <string>
              status: <value in [down, up]>
              dsl_profile: <string>
              flap_duration: <integer>
              flap_rate: <integer>
              flap_timeout: <integer>
              flapguard: <value in [disable, enable]>
              interface_tags: <list or string>
              poe_max_power: <string>
              poe_standard: <string>
              igmp_snooping_flood_reports: <value in [disable, enable]>
              mcast_snooping_flood_traffic: <value in [disable, enable]>
              link_status: <value in [down, up]>
              poe_mode_bt_cabable: <integer>
              poe_port_mode: <value in [ieee802-3af, ieee802-3at, ieee802-3bt]>
              poe_port_power: <value in [normal, perpetual, perpetual-fast]>
              poe_port_priority: <value in [critical-priority, high-priority, low-priority, ...]>
              acl_group: <list or string>
              dhcp_snoop_option82_override:
                -
                  circuit_id: <string>
                  remote_id: <string>
                  vlan_name: <string>
              fortiswitch_acls: <list or integer>
              isl_peer_device_sn: <string>
              authenticated_port: <integer>
              encrypted_port: <integer>
              ptp_status: <value in [disable, enable]>
              restricted_auth_port: <integer>
          switch_id: <string>
          override_snmp_community: <value in [disable, enable]>
          override_snmp_sysinfo: <value in [disable, enable]>
          override_snmp_trap_threshold: <value in [disable, enable]>
          override_snmp_user: <value in [disable, enable]>
          poe_detection_type: <integer>
          remote_log:
            -
              csv: <value in [disable, enable]>
              facility: <value in [kernel, user, mail, ...]>
              name: <string>
              port: <integer>
              server: <string>
              severity: <value in [emergency, alert, critical, ...]>
              status: <value in [disable, enable]>
          snmp_community:
            -
              events:
                - cpu-high
                - mem-low
                - log-full
                - intf-ip
                - ent-conf-change
              hosts:
                -
                  id: <integer>
                  ip: <string>
              id: <integer>
              name: <string>
              query_v1_port: <integer>
              query_v1_status: <value in [disable, enable]>
              query_v2c_port: <integer>
              query_v2c_status: <value in [disable, enable]>
              status: <value in [disable, enable]>
              trap_v1_lport: <integer>
              trap_v1_rport: <integer>
              trap_v1_status: <value in [disable, enable]>
              trap_v2c_lport: <integer>
              trap_v2c_rport: <integer>
              trap_v2c_status: <value in [disable, enable]>
          snmp_user:
            -
              auth_proto: <value in [md5, sha]>
              auth_pwd: <list or string>
              name: <string>
              priv_proto: <value in [des, aes]>
              priv_pwd: <list or string>
              queries: <value in [disable, enable]>
              query_port: <integer>
              security_level: <value in [no-auth-no-priv, auth-no-priv, auth-priv]>
          mclag_igmp_snooping_aware: <value in [disable, enable]>
          ip_source_guard:
            -
              binding_entry:
                -
                  entry_name: <string>
                  ip: <string>
                  mac: <string>
              description: <string>
              port: <string>
          l3_discovered: <integer>
          qos_drop_policy: <value in [taildrop, random-early-detection]>
          qos_red_probability: <integer>
          switch_dhcp_opt43_key: <string>
          tdr_supported: <string>
          custom_command:
            -
              command_entry: <string>
              command_name: <string>
          firmware_provision: <value in [disable, enable]>
          firmware_provision_version: <string>
          dhcp_server_access_list: <value in [disable, enable, global]>
          firmware_provision_latest: <value in [disable, once]>
          dhcp_snooping_static_client:
            -
              ip: <string>
              mac: <string>
              name: <string>
              port: <string>
              vlan: <string>
          ptp_profile: <string>
          ptp_status: <value in [disable, enable]>
          route_offload: <value in [disable, enable]>
          route_offload_mclag: <value in [disable, enable]>
          route_offload_router:
            -
              router_ip: <string>
              vlan_name: <string>
          mgmt_mode: <integer>
          purdue_level: <value in [1, 2, 3, ...]>
          radius_nas_ip: <string>
          radius_nas_ip_override: <value in [disable, enable]>
          tunnel_discovered: <integer>
          vlan:
            -
              assignment_priority: <integer>
              vlan_name: <string>

Return Values 

Common return values are documented here, the following are the fields unique to this module:

Key	Description
meta dictionary	The result of the request. Returned: always
request_url string	The full url requested. Returned: always Sample: `"/sys/login/user"`
response_code integer	The status of api request. Returned: always Sample: `0`
response_data list / elements=string	The api response. Returned: always
response_message string	The descriptive message of the api response. Returned: always Sample: `"OK."`
system_information dictionary	The information of the target system. Returned: always
rc integer	The status the request. Returned: always Sample: `0`
version_check_warning list / elements=string	Warning if the parameters used in the playbook are not supported by the current FortiManager version. Returned: complex

Authors

Xinwei Du (@dux-fortinet)
Xing Li (@lix-fortinet)
Jie Xue (@JieX19)
Link Zheng (@chillancezen)
Frank Shen (@fshen01)
Hongbin Lu (@fgtdev-hblu)

fortinet.fortimanager.fmgr_switchcontroller_managedswitch module – Configure FortiSwitch devices that are managed by this FortiGate.

Synopsis

Parameters

Notes

Examples

Return Values