fortinet.fortimanager.fmgr_switchcontroller_managedswitch_ports module – Managed-switch port list.
Note
This module is part of the fortinet.fortimanager collection (version 2.7.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install fortinet.fortimanager
.
To use it in a playbook, specify: fortinet.fortimanager.fmgr_switchcontroller_managedswitch_ports
.
New in fortinet.fortimanager 2.0.0
Synopsis
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
Parameters
Parameter |
Comments |
---|---|
The token to access FortiManager without using username and password. |
|
The parameter (adom) in requested url. |
|
Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. Choices:
|
|
Enable/Disable logging for task. Choices:
|
|
Authenticate Ansible client with forticloud API access token. |
|
Deprecated, please use “managed_switch” |
|
The parameter (managed-switch) in requested url. |
|
The overridden method for the underlying Json RPC request. Choices:
|
|
The rc codes list with which the conditions to fail will be overriden. |
|
The rc codes list with which the conditions to succeed will be overriden. |
|
The directive to create, update or delete an object. Choices:
|
|
The top level parameters set. |
|
Deprecated, please rename it to access_mode. Access mode of the port. Choices:
|
|
(list) Deprecated, please rename it to acl_group. ACL groups on this port. |
|
Deprecated, please rename it to aggregator_mode. LACP member select mode. Choices:
|
|
Deprecated, please rename it to allow_arp_monitor. Enable/Disable allow ARP monitor. Choices:
|
|
(list or str) Deprecated, please rename it to allowed_vlans. Configure switch port tagged vlans |
|
Deprecated, please rename it to allowed_vlans_all. Enable/disable all defined vlans on this port. Choices:
|
|
Deprecated, please rename it to arp_inspection_trust. Trusted or untrusted dynamic ARP inspection. Choices:
|
|
Deprecated, please rename it to authenticated_port. Authenticated port. |
|
Enable/disable Link Aggregation Group Choices:
|
|
Description for port. |
|
Deprecated, please rename it to dhcp_snoop_option82_override. Dhcp snoop option82 override. |
|
Deprecated, please rename it to circuit_id. Circuit ID string. |
|
Deprecated, please rename it to remote_id. Remote ID string. |
|
Deprecated, please rename it to vlan_name. DHCP snooping option 82 VLAN. |
|
Deprecated, please rename it to dhcp_snoop_option82_trust. Enable/disable allowance of DHCP with option-82 on untrusted in… Choices:
|
|
Deprecated, please rename it to dhcp_snooping. Trusted or untrusted DHCP-snooping interface. Choices:
|
|
Deprecated, please rename it to discard_mode. Configure discard mode for port. Choices:
|
|
Deprecated, please rename it to dot1x_enable. Dot1x enable. Choices:
|
|
Deprecated, please rename it to dsl_profile. DSL policy configuration. |
|
Deprecated, please rename it to edge_port. Enable/disable this interface as an edge port, bridging connections between wor… Choices:
|
|
Deprecated, please rename it to encrypted_port. Encrypted port. |
|
(list) Deprecated, please rename it to export_tags. Configure export tag |
|
(list) Deprecated, please rename it to export_to. Export managed-switch port to a tenant VDOM. |
|
(list) Deprecated, please rename it to export_to_pool. Switch controller export port to pool-list. |
|
Deprecated, please rename it to export_to_pool_flag. Switch controller export port to pool-list. |
|
Deprecated, please rename it to fallback_port. LACP fallback port. |
|
Deprecated, please rename it to fec_capable. FEC capable. |
|
Deprecated, please rename it to fec_state. State of forward error correction. Choices:
|
|
Deprecated, please rename it to fgt_peer_device_name. Fgt peer device name. |
|
Deprecated, please rename it to fgt_peer_port_name. Fgt peer port name. |
|
Deprecated, please rename it to fiber_port. Fiber port. |
|
Flags. |
|
Deprecated, please rename it to flap_duration. Period over which flap events are calculated |
|
Deprecated, please rename it to flap_rate. Number of stage change events needed within flap-duration. |
|
Deprecated, please rename it to flap_timeout. Flap guard disabling protection |
|
Enable/disable flap guard. Choices:
|
|
Deprecated, please rename it to flow_control. Flow control direction. Choices:
|
|
Deprecated, please rename it to fortilink_port. Fortilink port. |
|
(list) Deprecated, please rename it to fortiswitch_acls. ACLs on this port. |
|
Deprecated, please rename it to igmp_snooping. Set IGMP snooping mode for the physical port interface. Choices:
|
|
Deprecated, please rename it to igmp_snooping_flood_reports. Enable/disable flooding of IGMP reports to this interface whe… Choices:
|
|
Deprecated, please rename it to igmps_flood_reports. Enable/disable flooding of IGMP reports to this interface when igmp-s… Choices:
|
|
Deprecated, please rename it to igmps_flood_traffic. Enable/disable flooding of IGMP snooping traffic to this interface. Choices:
|
|
(list or str) Deprecated, please rename it to interface_tags. Tag |
|
Deprecated, please rename it to ip_source_guard. Enable/disable IP source guard. Choices:
|
|
Deprecated, please rename it to isl_local_trunk_name. Isl local trunk name. |
|
Deprecated, please rename it to isl_peer_device_name. Isl peer device name. |
|
Deprecated, please rename it to isl_peer_device_sn. Isl peer device sn. |
|
Deprecated, please rename it to isl_peer_port_name. Isl peer port name. |
|
Deprecated, please rename it to lacp_speed. End Link Aggregation Control Protocol Choices:
|
|
Deprecated, please rename it to learning_limit. Limit the number of dynamic MAC addresses on this Port |
|
Deprecated, please rename it to link_status. Link status. Choices:
|
|
Deprecated, please rename it to lldp_profile. LLDP port TLV profile. |
|
Deprecated, please rename it to lldp_status. LLDP transmit and receive status. Choices:
|
|
Deprecated, please rename it to log_mac_event. Enable/disable logging for dynamic MAC address events. Choices:
|
|
Deprecated, please rename it to loop_guard. Enable/disable loop-guard on this interface, an STP optimization used to preve… Choices:
|
|
Deprecated, please rename it to loop_guard_timeout. Loop-guard timeout |
|
Deprecated, please rename it to mac_addr. Port/Trunk MAC. |
|
Deprecated, please rename it to matched_dpp_intf_tags. Matched interface tags in the dynamic port policy. |
|
Deprecated, please rename it to matched_dpp_policy. Matched child policy in the dynamic port policy. |
|
Deprecated, please rename it to max_bundle. Maximum size of LAG bundle |
|
Deprecated, please rename it to max_miss_heartbeats. Maximum tolerant missed heartbeats. |
|
Deprecated, please rename it to mcast_snooping_flood_traffic. Enable/disable flooding of IGMP snooping traffic to this int… Choices:
|
|
Enable/disable multi-chassis link aggregation Choices:
|
|
Deprecated, please rename it to mclag_icl_port. Mclag icl port. |
|
Deprecated, please rename it to media_type. Media type. |
|
Deprecated, please rename it to member_withdrawal_behavior. Port behavior after it withdraws because of loss of control pa… Choices:
|
|
(list) Aggregated LAG bundle interfaces. |
|
Deprecated, please rename it to min_bundle. Minimum size of LAG bundle |
|
LACP mode Choices:
|
|
Deprecated, please rename it to p2p_port. P2p port. |
|
Deprecated, please rename it to packet_sample_rate. Packet sampling rate |
|
Deprecated, please rename it to packet_sampler. Enable/disable packet sampling on this interface. Choices:
|
|
Deprecated, please rename it to pause_meter. Configure ingress pause metering rate, in kbps |
|
Deprecated, please rename it to pause_meter_resume. Resume threshold for resuming traffic on ingress port. Choices:
|
|
Deprecated, please rename it to pd_capable. Powered device capable. |
|
Deprecated, please rename it to poe_capable. PoE capable. |
|
Deprecated, please rename it to poe_max_power. Poe max power. |
|
Deprecated, please rename it to poe_mode_bt_cabable. PoE mode IEEE 802. |
|
Deprecated, please rename it to poe_port_mode. Configure PoE port mode. Choices:
|
|
Deprecated, please rename it to poe_port_power. Configure PoE port power. Choices:
|
|
Deprecated, please rename it to poe_port_priority. Configure PoE port priority. Choices:
|
|
Deprecated, please rename it to poe_pre_standard_detection. Enable/disable PoE pre-standard detection. Choices:
|
|
Deprecated, please rename it to poe_standard. Poe standard. |
|
Deprecated, please rename it to poe_status. Enable/disable PoE status. Choices:
|
|
Deprecated, please rename it to port_name. Switch port name. |
|
Deprecated, please rename it to port_number. Port number. |
|
Deprecated, please rename it to port_owner. Switch port name. |
|
Deprecated, please rename it to port_policy. Switch controller dynamic port policy from available options. |
|
Deprecated, please rename it to port_prefix_type. Port prefix type. |
|
Deprecated, please rename it to port_security_policy. Switch controller authentication policy to apply to this managed swi… |
|
Deprecated, please rename it to port_selection_criteria. Algorithm for aggregate port selection. Choices:
|
|
(list) Deprecated, please rename it to ptp_policy. PTP policy configuration. |
|
Deprecated, please rename it to ptp_status. Enable/disable PTP policy on this FortiSwitch port. Choices:
|
|
(list) ‘802.’ |
|
Deprecated, please rename it to qos_policy. Switch controller QoS policy from available options. |
|
Deprecated, please rename it to restricted_auth_port. Restricted auth port. |
|
Deprecated, please rename it to rpvst_port. Enable/disable inter-operability with rapid PVST on this interface. Choices:
|
|
Deprecated, please rename it to sample_direction. SFlow sample direction. Choices:
|
|
Deprecated, please rename it to sflow_counter_interval. SFlow sampler counter polling interval |
|
Deprecated, please rename it to sflow_sample_rate. SFlow sampler sample rate |
|
Deprecated, please rename it to sflow_sampler. Enable/disable sFlow protocol on this interface. Choices:
|
|
Switch port speed; default and available settings depend on hardware. Choices:
|
|
Deprecated, please rename it to speed_mask. Switch port speed mask. |
|
Deprecated, please rename it to stacking_port. Stacking port. |
|
Switch port admin status Choices:
|
|
Deprecated, please rename it to sticky_mac. Enable or disable sticky-mac on the interface. Choices:
|
|
Deprecated, please rename it to storm_control_policy. Switch controller storm control policy from available options. |
|
Deprecated, please rename it to stp_bpdu_guard. Enable/disable STP BPDU guard on this interface. Choices:
|
|
Deprecated, please rename it to stp_bpdu_guard_timeout. BPDU Guard disabling protection |
|
Deprecated, please rename it to stp_root_guard. Enable/disable STP root guard on this interface. Choices:
|
|
Deprecated, please rename it to stp_state. Enable/disable Spanning Tree Protocol Choices:
|
|
Deprecated, please rename it to switch_id. Switch id. |
|
Deprecated, please rename it to trunk_member. Trunk member. |
|
Interface type Choices:
|
|
(list or str) Deprecated, please rename it to untagged_vlans. Configure switch port untagged vlans |
|
Deprecated, please rename it to virtual_port. Virtualized switch port. |
|
Assign switch ports to a VLAN. |
|
The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. |
|
The maximum time in seconds to wait for other user to release the workspace lock. Default: |
Notes
Note
Starting in version 2.4.0, all input arguments are named using the underscore naming convention (snake_case). Please change the arguments such as “var-name” to “var_name”. Old argument names are still available yet you will receive deprecation warnings. You can ignore this warning by setting deprecation_warnings=False in ansible.cfg.
Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
To create or update an object, use state present directive.
To delete an object, use state absent directive.
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- name: Example playbook (generated based on argument schema)
hosts: fortimanagers
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Managed-switch port list.
fortinet.fortimanager.fmgr_switchcontroller_managedswitch_ports:
# bypass_validation: false
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
# rc_succeeded: [0, -2, -3, ...]
# rc_failed: [-2, -3, ...]
adom: <your own value>
managed_switch: <your own value>
state: present # <value in [present, absent]>
switchcontroller_managedswitch_ports:
allowed_vlans: <list or string>
allowed_vlans_all: <value in [disable, enable]>
arp_inspection_trust: <value in [untrusted, trusted]>
bundle: <value in [disable, enable]>
description: <string>
dhcp_snoop_option82_trust: <value in [disable, enable]>
dhcp_snooping: <value in [trusted, untrusted]>
discard_mode: <value in [none, all-untagged, all-tagged]>
edge_port: <value in [disable, enable]>
igmp_snooping: <value in [disable, enable]>
igmps_flood_reports: <value in [disable, enable]>
igmps_flood_traffic: <value in [disable, enable]>
lacp_speed: <value in [slow, fast]>
learning_limit: <integer>
lldp_profile: <string>
lldp_status: <value in [disable, rx-only, tx-only, ...]>
loop_guard: <value in [disabled, enabled]>
loop_guard_timeout: <integer>
max_bundle: <integer>
mclag: <value in [disable, enable]>
member_withdrawal_behavior: <value in [forward, block]>
members: <list or string>
min_bundle: <integer>
mode: <value in [static, lacp-passive, lacp-active]>
poe_pre_standard_detection: <value in [disable, enable]>
poe_status: <value in [disable, enable]>
port_name: <string>
port_owner: <string>
port_security_policy: <string>
port_selection_criteria: <value in [src-mac, dst-mac, src-dst-mac, ...]>
qos_policy: <string>
sample_direction: <value in [rx, tx, both]>
sflow_counter_interval: <integer>
sflow_sample_rate: <integer>
sflow_sampler: <value in [disabled, enabled]>
stp_bpdu_guard: <value in [disabled, enabled]>
stp_bpdu_guard_timeout: <integer>
stp_root_guard: <value in [disabled, enabled]>
stp_state: <value in [disabled, enabled]>
type: <value in [physical, trunk]>
untagged_vlans: <list or string>
vlan: <string>
export_to_pool_flag: <integer>
mac_addr: <string>
packet_sample_rate: <integer>
packet_sampler: <value in [disabled, enabled]>
sticky_mac: <value in [disable, enable]>
storm_control_policy: <string>
dot1x_enable: <value in [disable, enable]>
max_miss_heartbeats: <integer>
access_mode: <value in [normal, nac, dynamic, ...]>
ip_source_guard: <value in [disable, enable]>
mclag_icl_port: <integer>
p2p_port: <integer>
aggregator_mode: <value in [bandwidth, count]>
rpvst_port: <value in [disabled, enabled]>
flow_control: <value in [disable, tx, rx, ...]>
media_type: <string>
pause_meter: <integer>
pause_meter_resume: <value in [25%, 50%, 75%]>
trunk_member: <integer>
fec_capable: <integer>
fec_state: <value in [disabled, cl74, cl91, ...]>
matched_dpp_intf_tags: <string>
matched_dpp_policy: <string>
port_policy: <string>
status: <value in [down, up]>
dsl_profile: <string>
flap_duration: <integer>
flap_rate: <integer>
flap_timeout: <integer>
flapguard: <value in [disable, enable]>
interface_tags: <list or string>
poe_max_power: <string>
poe_standard: <string>
igmp_snooping_flood_reports: <value in [disable, enable]>
mcast_snooping_flood_traffic: <value in [disable, enable]>
link_status: <value in [down, up]>
poe_mode_bt_cabable: <integer>
poe_port_mode: <value in [ieee802-3af, ieee802-3at, ieee802-3bt]>
poe_port_power: <value in [normal, perpetual, perpetual-fast]>
poe_port_priority: <value in [critical-priority, high-priority, low-priority, ...]>
acl_group: <list or string>
dhcp_snoop_option82_override:
-
circuit_id: <string>
remote_id: <string>
vlan_name: <string>
fortiswitch_acls: <list or integer>
isl_peer_device_sn: <string>
authenticated_port: <integer>
encrypted_port: <integer>
ptp_status: <value in [disable, enable]>
restricted_auth_port: <integer>
allow_arp_monitor: <value in [disable, enable]>
export_to: <list or string>
export_to_pool: <list or string>
fallback_port: <string>
fgt_peer_device_name: <string>
fgt_peer_port_name: <string>
fiber_port: <integer>
flags: <integer>
fortilink_port: <integer>
isl_local_trunk_name: <string>
isl_peer_device_name: <string>
isl_peer_port_name: <string>
poe_capable: <integer>
port_number: <integer>
port_prefix_type: <integer>
ptp_policy: <list or string>
speed: <value in [auto, 10full, 10half, ...]>
speed_mask: <integer>
stacking_port: <integer>
switch_id: <string>
virtual_port: <integer>
export_tags: <list or string>
log_mac_event: <value in [disable, enable]>
pd_capable: <integer>
qnq: <list or string>
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
The result of the request. Returned: always |
|
The full url requested. Returned: always Sample: |
|
The status of api request. Returned: always Sample: |
|
The api response. Returned: always |
|
The descriptive message of the api response. Returned: always Sample: |
|
The information of the target system. Returned: always |
|
The status the request. Returned: always Sample: |
|
Warning if the parameters used in the playbook are not supported by the current FortiManager version. Returned: complex |