faz_cli_fmupdate_fwmsetting – Configure firmware management settings.
Added in version 1.0.0.
Warning
Starting in version 2.0.0, all variables will be named in the underscore naming convention.
Possible variable names before 2.0.0:
variable-name,variable name,variable.nameCorresponding variable names since 2.0.0:
variable_name
FortiAnalyzer Ansible v1.4+ supports both previous argument name and new underscore name. You will receive deprecation warnings if you keep using the previous argument name. You can ignore the warning by setting deprecation_warnings=False in ansible.cfg.
Synopsis
This module is able to configure a FortiAnalyzer device.
Examples include all parameters and values need to be adjusted to data sources before usage.
Requirements
The below requirements are needed on the host that executes this module.
ansible>=2.15.0
FortiAnalyzer Version Compatibility
Supported Version Ranges: v6.2.1 -> latest
Parameters
- access_token The token to access FortiAnalyzer without using ansible_username and ansible_password. type: str
- bypass_validation Only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters type: bool default: False
- enable_log Enable/Disable logging for task type: bool default: False
- forticloud_access_token Access token of forticloud analyzer API users. type: str
- log_path The path to save log. Used if enable_log is true. Please use absolute path instead of relative path. If the log_path setting is incorrect, the log will be saved in /tmp/fortianalyzer.ansible.logtype: str default: "/tmp/fortianalyzer.ansible.log"
- proposed_method The overridden method for the underlying Json RPC request type: str choices: set, update, add
- version_check If set to True, it will check whether the parameters used are supported by the corresponding version of FortiAnazlyer locally based on FNDN data. A warning will be returned in version_check_warning if there is a mismatch. This warning is only a suggestion and may not be accurate. type: bool default: False
- rc_succeeded The rc codes list with which the conditions to succeed will be overriden type: list
- rc_failed The rc codes list with which the conditions to fail will be overriden type: list
- cli_fmupdate_fwmsetting Configure firmware management settings. type: dict
- auto_scan_fgt_disk auto scan fgt disk if needed. type: str choices: [disable, enable] default: enable more...
- check_fgt_disk check fgt disk before upgrade image. type: str choices: [disable, enable] default: enable more...
- fds_failover_fmg using fmg local image file is download from fds fails. type: str choices: [disable, enable] default: enable more...
- fds_image_timeout timer for fgt download image from fortiguard (300-3600s default=1800) type: int default: 1800 more...
- multiple_steps_interval waiting time between multiple steps upgrade (30-180s, default=60) type: int default: 60 more...
- max_fds_retry The retries when fgt download from fds fail (5-20, default=10) type: int default: 5 more...
- skip_disk_check skip disk check when upgrade image. type: str choices: [disable, enable] default: disable more...
- immx_source Configure which of IMMX file to be used for choosing upgrade pach. Default is file for FortiManager type: str choices: [fmg, fgt, cloud] default: fmg more...
- log Configure log setting for fwm daemon type: str choices: [fwm, fwm_dm, fwm_dm_json] default: fwm_dm more...
- upgrade_timeout type: dict
more...
- check_status_timeout timeout for checking status after tunnnel is up.(1-6000s, default=600) type: int default: 600 more...
- ctrl_check_status_timeout timeout for checking fap/fsw/fext status after request upgrade.(1-12000s, default=1200) type: int default: 1200 more...
- ctrl_put_image_by_fds_timeout timeout for waiting device get fap/fsw/fext image from fortiguard.(1-9000ss, default=900) type: int default: 900 more...
- ha_sync_timeout timeout for waiting HA sync.(1-18000s, default=1800) type: int default: 1800 more...
- license_check_timeout timeout for waiting fortigate check license.(1-6000s, default=600) type: int default: 600 more...
- prepare_image_timeout timeout for preparing image.(1-6000s, default=600) type: int default: 600 more...
- put_image_by_fds_timeout timeout for waiting device get image from fortiguard.(1-18000s, default=1800) type: int default: 1800 more...
- put_image_timeout timeout for waiting send image over tunnel.(1-18000s, default=1800) type: int default: 1800 more...
- reboot_of_fsck_timeout timeout for waiting fortigate reboot.(1-18000s, default=1800) type: int default: 1800 more...
- reboot_of_upgrade_timeout timeout for waiting fortigate reboot after image upgrade.(1-12000s, default=1200) type: int default: 1200 more...
- retrieve_timeout timeout for waiting retrieve.(1-18000s, default=1800) type: int default: 1800 more...
- rpc_timeout timeout for waiting fortigate rpc response.(1-1800s, default=180) type: int default: 180 more...
- total_timeout timeout for the whole fortigate upgrade(1-86400s, default=3600) type: int default: 3600 more...
- health_check_timeout timeout for waiting retrieve.(1-6000s, default=600) type: int default: 600 more...
- retry_interval waiting time for resending request to device(1-360s, default=60) type: int default: 60 more...
- retry_max max retry times(0-100, default=10) type: int default: 10 more...
- health_check do health check after upgrade type: str choices: [disable, enable] default: enable more...
- max_device_history max number of device upgrade report(1-10000, default=100) type: int default: 100 more...
- max_profile_history max number of profile upgrade report(1-10000, default=100) type: int default: 100 more...
- retrieve do retrieve after upgrade type: str choices: [disable, enable] default: enable more...
- revision_diff calculate diff script after upgrade type: str choices: [disable, enable] default: enable more...
Notes
Note
To create or update an object, use state: present directive.
To delete an object, use state: absent directive
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- name: Example playbook
connection: httpapi
hosts: fortianalyzers
tasks:
- name: Configure firmware management settings.
fortinet.fortianalyzer.faz_cli_fmupdate_fwmsetting:
cli_fmupdate_fwmsetting:
auto_scan_fgt_disk: disable
check_fgt_disk: disable
fds_failover_fmg: disable
# fds_image_timeout: <value of integer>
# immx_source: <value in [fmg, fgt, cloud]>
# max_fds_retry: <value of integer>
# multiple_steps_interval: <value of integer>
# skip_disk_check: disable
vars:
ansible_network_os: fortinet.fortianalyzer.fortianalyzer
ansible_httpapi_port: 443
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- meta The result of the request. returned: always type: dict
- request_url The full url requested. returned: always type: str sample: /sys/login/user
- response_code The status of api request. returned: always type: int sample: 0
- response_data The data body of the api response. returned: optional type: list or dict
- response_message The descriptive message of the api response. returned: always type: str sample: OK
- system_information The information of the target system. returned: always type: dict
- rc The status the request. returned: always type: int sample: 0
- version_check_warning Warning if the parameters used in the playbook are not supported by the current fortianalyzer version. returned: if params are not supported in the current version type: list
Status
This module is not guaranteed to have a backwards compatible interface.