fmgr_webproxy_profile – Configure web proxy profiles.¶

New in version 2.10.

Synopsis
Requirements
Parameters
Notes
Examples
Return Values
Status
Authors

Synopsis ¶

This module is able to configure a FortiManager device by allowing the user to [add, get, set, update] the following FortiManager json-rpc urls.
/pm/config/adom/{adom}/obj/web-proxy/profile
/pm/config/global/obj/web-proxy/profile
Examples include all parameters and values need to be adjusted to data sources before usage.
Tested with FortiManager v6.0.0

Requirements ¶

The below requirements are needed on the host that executes this module.

ansible>=2.10.0

Parameters ¶

loose_validation - Do parameter validation in a loose way type: bool required: false default: false
workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode type: str required: false choices: global, custom dom
workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock type: integer required: false default: 300
url_params - parameters in url path type: dict required: true

adom - the domain prefix type: str choices: none, global, custom dom

parameters for method: [add, set, update] - Configure web proxy profiles.

data - No description for the parameter type: array
- header-client-ip - Action to take on the HTTP client-IP header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: [pass, add, remove]
- header-front-end-https - Action to take on the HTTP front-end-HTTPS header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: [pass, add, remove]
- header-via-request - Action to take on the HTTP via header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: [pass, add, remove]
- header-via-response - Action to take on the HTTP via header in forwarded responses: forwards (pass), adds, or removes the HTTP header. type: str choices: [pass, add, remove]
- header-x-authenticated-groups - Action to take on the HTTP x-authenticated-groups header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: [pass, add, remove]
- header-x-authenticated-user - Action to take on the HTTP x-authenticated-user header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: [pass, add, remove]
- header-x-forwarded-for - Action to take on the HTTP x-forwarded-for header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: [pass, add, remove]
- headers - No description for the parameter type: array
  - action - Action when HTTP the header forwarded. type: str choices: [add-to-request, add-to-response, remove-from-request, remove-from-response]
  - content - HTTP headers content. type: str
  - id - HTTP forwarded header id. type: int
  - name - HTTP forwarded header name. type: str
- log-header-change - Enable/disable logging HTTP header changes. type: str choices: [disable, enable]
- name - Profile name. type: str
- strip-encoding - Enable/disable stripping unsupported encoding from the request header. type: str choices: [disable, enable]

parameters for method: [get] - Configure web proxy profiles.

attr - The name of the attribute to retrieve its datasource. type: str
fields - No description for the parameter type: array
- {no-name} - No description for the parameter type: array
  - {no-name} - No description for the parameter type: str choices: [header-client-ip, header-front-end-https, header-via-request, header-via-response, header-x-authenticated-groups, header-x-authenticated-user, header-x-forwarded-for, log-header-change, name, strip-encoding]
filter - No description for the parameter type: array
- {no-name} - No description for the parameter type: str
get used - No description for the parameter type: int
loadsub - Enable or disable the return of any sub-objects. type: int
option - Set fetch option for the request. type: str choices: [count, object member, datasrc, get reserved, syntax]
range - No description for the parameter type: array
- {no-name} - No description for the parameter type: int
sortings - No description for the parameter type: array
- {attr_name} - No description for the parameter type: int choices: [1, -1]

Notes ¶

Note

The module may supports multiple method, every method has different parameters definition
One method may also have more than one parameter definition collection, each collection is dedicated to one API endpoint
The module may include domain dependent urls, the domain can be specified in url_params as adom
To run in workspace mode, the paremeter workspace_locking_adom must be included in the task

Examples ¶

- hosts: fortimanager-inventory
  collections:
    - fortinet.fortimanager
  connection: httpapi
  vars:
     ansible_httpapi_use_ssl: True
     ansible_httpapi_validate_certs: False
     ansible_httpapi_port: 443
  tasks:

   - name: REQUESTING /PM/CONFIG/OBJ/WEB-PROXY/PROFILE
     fmgr_webproxy_profile:
        loose_validation: False
        workspace_locking_adom: <value in [global, custom adom]>
        workspace_locking_timeout: 300
        method: <value in [add, set, update]>
        url_params:
           adom: <value in [none, global, custom dom]>
        params:
           -
              data:
                -
                    header-client-ip: <value in [pass, add, remove]>
                    header-front-end-https: <value in [pass, add, remove]>
                    header-via-request: <value in [pass, add, remove]>
                    header-via-response: <value in [pass, add, remove]>
                    header-x-authenticated-groups: <value in [pass, add, remove]>
                    header-x-authenticated-user: <value in [pass, add, remove]>
                    header-x-forwarded-for: <value in [pass, add, remove]>
                    headers:
                      -
                          action: <value in [add-to-request, add-to-response, remove-from-request, ...]>
                          content: <value of string>
                          id: <value of integer>
                          name: <value of string>
                    log-header-change: <value in [disable, enable]>
                    name: <value of string>
                    strip-encoding: <value in [disable, enable]>

   - name: REQUESTING /PM/CONFIG/OBJ/WEB-PROXY/PROFILE
     fmgr_webproxy_profile:
        loose_validation: False
        workspace_locking_adom: <value in [global, custom adom]>
        workspace_locking_timeout: 300
        method: <value in [get]>
        url_params:
           adom: <value in [none, global, custom dom]>
        params:
           -
              attr: <value of string>
              fields:
                -
                   - <value in [header-client-ip, header-front-end-https, header-via-request, ...]>
              filter:
                - <value of string>
              get used: <value of integer>
              loadsub: <value of integer>
              option: <value in [count, object member, datasrc, ...]>
              range:
                - <value of integer>
              sortings:
                -
                    varidic.attr_name: <value in [1, -1]>

Return Values ¶

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

return values for method: [add, set, update]

status - No description for the parameter type: dict
- code - No description for the parameter type: int
- message - No description for the parameter type: str
url - No description for the parameter type: str example: /pm/config/adom/{adom}/obj/web-proxy/profile

return values for method: [get]

data - No description for the parameter type: array
- header-client-ip - Action to take on the HTTP client-IP header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str
- header-front-end-https - Action to take on the HTTP front-end-HTTPS header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str
- header-via-request - Action to take on the HTTP via header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str
- header-via-response - Action to take on the HTTP via header in forwarded responses: forwards (pass), adds, or removes the HTTP header. type: str
- header-x-authenticated-groups - Action to take on the HTTP x-authenticated-groups header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str
- header-x-authenticated-user - Action to take on the HTTP x-authenticated-user header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str
- header-x-forwarded-for - Action to take on the HTTP x-forwarded-for header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str
- headers - No description for the parameter type: array
  - action - Action when HTTP the header forwarded. type: str
  - content - HTTP headers content. type: str
  - id - HTTP forwarded header id. type: int
  - name - HTTP forwarded header name. type: str
- log-header-change - Enable/disable logging HTTP header changes. type: str
- name - Profile name. type: str
- strip-encoding - Enable/disable stripping unsupported encoding from the request header. type: str
status - No description for the parameter type: dict
- code - No description for the parameter type: int
- message - No description for the parameter type: str
url - No description for the parameter type: str example: /pm/config/adom/{adom}/obj/web-proxy/profile

Status ¶

This module is not guaranteed to have a backwards compatible interface.

Authors ¶

Frank Shen (@fshen01)
Link Zheng (@zhengl)

Hint

If you notice any issues in this documentation, you can create a pull request to improve it.