W3cubDocs

/Ansible 2.10

fortinet.fortimanager.fmgr_firewall_service_custom_obj – Configure custom services.

Note

This plugin is part of the fortinet.fortimanager collection.

To install it use: ansible-galaxy collection install fortinet.fortimanager.

To use it in a playbook, specify: fortinet.fortimanager.fmgr_firewall_service_custom_obj.

New in version 2.10: of fortinet.fortimanager

Synopsis

  • This module is able to configure a FortiManager device by allowing the user to [ clone delete get move set update ] the following apis.
  • /pm/config/adom/{adom}/obj/firewall/service/custom/{custom}
  • /pm/config/global/obj/firewall/service/custom/{custom}
  • Examples include all parameters and values need to be adjusted to data sources before usage.

Parameters

Parameter Choices/Defaults Comments
loose_validation
boolean
    Choices:
  • no
  • yes
Do parameter validation in a loose way
method
string / required
    Choices:
  • clone
  • delete
  • get
  • move
  • set
  • update
The method in request
params
list / elements=string
The parameters for each method
See full parameters list in https://ansible-galaxy-fortimanager-docs.readthedocs.io/en/latest
url_params
dictionary
The parameters for each API request URL
Also see full URL parameters in https://ansible-galaxy-fortimanager-docs.readthedocs.io/en/latest
workspace_locking_adom
string
the adom name to lock in case FortiManager running in workspace mode
it can be global or any other custom adom names
workspace_locking_timeout
integer
Default:
300
the maximum time in seconds to wait for other user to release the workspace lock

Notes

Note

  • There are only three top-level parameters where ‘method’ is always required while other two ‘params’ and ‘url_params’ can be optional
  • Due to the complexity of fortimanager api schema, the validation is done out of Ansible native parameter validation procedure.
  • The syntax of OPTIONS doen not comply with the standard Ansible argument specification, but with the structure of fortimanager API schema, we need a trivial transformation when we are filling the ansible playbook

Examples

- hosts: fortimanager-inventory
  collections:
    - fortinet.fortimanager
  connection: httpapi
  vars:
     ansible_httpapi_use_ssl: True
     ansible_httpapi_validate_certs: False
     ansible_httpapi_port: 443
  tasks:

   - name: REQUESTING /PM/CONFIG/OBJ/FIREWALL/SERVICE/CUSTOM/{CUSTOM}
     fmgr_firewall_service_custom_obj:
        loose_validation: False
        workspace_locking_adom: <value in [global, custom adom]>
        workspace_locking_timeout: 300
        method: <value in [clone, set, update]>
        url_params:
           adom: <value in [none, global, custom dom]>
           custom: <value of string>
        params:
           -
              data:
                 app-category:
                   - <value of integer>
                 app-service-type: <value in [disable, app-id, app-category]>
                 application:
                   - <value of integer>
                 category: <value of string>
                 check-reset-range: <value in [disable, default, strict]>
                 color: <value of integer>
                 comment: <value of string>
                 fqdn: <value of string>
                 helper: <value in [disable, auto, ftp, ...]>
                 icmpcode: <value of integer>
                 icmptype: <value of integer>
                 iprange: <value of string>
                 name: <value of string>
                 protocol: <value in [ICMP, IP, TCP/UDP/SCTP, ...]>
                 protocol-number: <value of integer>
                 proxy: <value in [disable, enable]>
                 sctp-portrange: <value of string>
                 session-ttl: <value of integer>
                 tcp-halfclose-timer: <value of integer>
                 tcp-halfopen-timer: <value of integer>
                 tcp-portrange: <value of string>
                 tcp-timewait-timer: <value of integer>
                 udp-idle-timer: <value of integer>
                 udp-portrange: <value of string>
                 visibility: <value in [disable, enable]>

   - name: REQUESTING /PM/CONFIG/OBJ/FIREWALL/SERVICE/CUSTOM/{CUSTOM}
     fmgr_firewall_service_custom_obj:
        loose_validation: False
        workspace_locking_adom: <value in [global, custom adom]>
        workspace_locking_timeout: 300
        method: <value in [get]>
        url_params:
           adom: <value in [none, global, custom dom]>
           custom: <value of string>
        params:
           -
              option: <value in [object member, chksum, datasrc]>

   - name: REQUESTING /PM/CONFIG/OBJ/FIREWALL/SERVICE/CUSTOM/{CUSTOM}
     fmgr_firewall_service_custom_obj:
        loose_validation: False
        workspace_locking_adom: <value in [global, custom adom]>
        workspace_locking_timeout: 300
        method: <value in [move]>
        url_params:
           adom: <value in [none, global, custom dom]>
           custom: <value of string>
        params:
           -
              option: <value in [before, after]>
              target: <value of string>

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
data
dictionary
always
The payload returned in the request
status
dictionary
always
The status of api request
url
string
always
The full url requested

Sample:
/sys/login/user


Authors

  • Frank Shen (@fshen01)
  • Link Zheng (@zhengl)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/fortinet/fortimanager/fmgr_firewall_service_custom_obj_module.html