fortios_system_sdn_connector – Configure connection to SDN Connector in Fortinet’s FortiOS and FortiGate.
New in version 2.0.0.
Synopsis
- This module configures a FortiGate or FortiOS (FOS) device by allowing the user to set and modify the sdn_connector category of the system feature. The examples include all parameters, and their values need to be adjusted to your data sources before use. Tested with FOS v6.0.0.
FortiOS Version Compatibility
Module | v6.0.0 | v6.0.5 | v6.0.11 | v6.2.0 | v6.2.3 | v6.2.5 | v6.2.7 | v6.4.0 | v6.4.1 | v6.4.4 | v7.0.0 | v7.0.1 | v7.0.2 | v7.0.3 | v7.0.4 | v7.0.5 | v7.0.6 | v7.0.7 | v7.0.8 | v7.2.0 | v7.2.1 | v7.2.2 |
fortios_system_sdn_connector | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters
- access_token - Token-based authentication. Generated from the FortiGate GUI. type: str required: false
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
- member_path - Member attribute path to operate on. type: str
- member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
- state - Indicates whether to create or remove the object. type: str required: true choices: present, absent
- system_sdn_connector - Configure connection to SDN Connector. type: dict
  - access_key - AWS / ACS access key ID. type: str
  - api_key - IBM cloud API key or service ID API key. type: str
  - azure_region - Azure server region. type: str choices: global, china, germany, usgov, local
  - client_id - Azure client ID (application ID). type: str
  - client_secret - Azure client secret (application key). type: str
  - compartment_id - Compartment ID. type: str
  - compute_generation - Compute generation for IBM cloud infrastructure. type: int
  - domain - Domain name. type: str
  - external_account_list - Configure AWS external account list. type: list
    - external_id - AWS external ID. type: str
    - region_list - AWS region name list. type: list
      - region - AWS region name. type: str
    - role_arn - AWS role ARN to assume. type: str
  - external_ip - Configure GCP external IP. type: list
    - name - External IP name. type: str
  - forwarding_rule - Configure GCP forwarding rule. type: list
    - rule_name - Forwarding rule name. type: str
    - target - Target instance name. type: str
  - gcp_project - GCP project name. type: str
  - gcp_project_list - Configure GCP project list. type: list
    - gcp_zone_list - Configure GCP zone list. type: list
      - name - GCP zone name. type: str
    - id - GCP project ID. type: str
  - group_name - Group name of computers. type: str
  - ha_status - Enable/disable use for FortiGate HA service. type: str choices: disable, enable
  - ibm_region - IBM cloud region name. type: str choices: dallas, washington-dc, london, frankfurt, sydney, tokyo, osaka, toronto, sao-paulo, us-south, us-east, germany, great-britain, japan, australia
  - ibm_region_gen1 - IBM cloud compute generation 1 region name. type: str choices: us-south, us-east, germany, great-britain, japan, australia
  - ibm_region_gen2 - IBM cloud compute generation 2 region name. type: str choices: us-south, us-east, great-britain
  - key_passwd - Private key password. type: str
  - login_endpoint - Azure Stack login endpoint. type: str
  - name - SDN connector name. type: str required: true
  - nic - Configure Azure network interface. type: list
    - ip - Configure IP configuration. type: list
      - name - IP configuration name. type: str
      - public_ip - Public IP name. type: str
      - resource_group - Resource group of Azure public IP. type: str
    - name - Network interface name. type: str
  - oci_cert - OCI certificate. Source certificate.local.name. type: str
  - oci_fingerprint - OCI pubkey fingerprint. type: str
  - oci_region - OCI server region. type: str choices: phoenix, ashburn, frankfurt, london
  - oci_region_type - OCI region type. type: str choices: commercial, government
  - password - Password of the remote SDN connector as login credentials. type: str
  - private_key - Private key of GCP service account. type: str
  - region - AWS / ACS region name. type: str
  - resource_group - Azure resource group. type: str
  - resource_url - Azure Stack resource URL. type: str
  - route - Configure GCP route. type: list
    - name - Route name. type: str
  - route_table - Configure Azure route table. type: list
    - name - Route table name. type: str
    - resource_group - Resource group of Azure route table. type: str
    - route - Configure Azure route. type: list
    - subscription_id - Subscription ID of Azure route table. type: str
  - secret_key - AWS / ACS secret access key. type: str
  - secret_token - Secret token of Kubernetes service account. type: str
  - server - Server address of the remote SDN connector. type: str
  - server_list - Server address list of the remote SDN connector. type: list
    - ip - IPv4 address. type: str
  - server_port - Port number of the remote SDN connector. type: int
  - service_account - GCP service account email. type: str
  - status - Enable/disable connection to the remote SDN connector. type: str choices: disable, enable
  - subscription_id - Azure subscription ID. type: str
  - tenant_id - Tenant ID (directory ID). type: str
  - type - Type of SDN connector. type: str choices: aci, alicloud, aws, azure, gcp, nsx, nuage, oci, openstack, kubernetes, vmware, sepm, aci-direct, ibm, nutanix, sap
  - update_interval - Dynamic object update interval (30 - 3600 sec). type: int
  - use_metadata_iam - Enable/disable use of IAM role from metadata to call API. type: str choices: disable, enable
  - user_id - User ID. type: str
  - username - Username of the remote SDN connector as login credentials. type: str
  - vcenter_password - vCenter server password for NSX quarantine. type: str
  - vcenter_server - vCenter server address for NSX quarantine. type: str
  - vcenter_username - vCenter server username for NSX quarantine. type: str
  - verify_certificate - Enable/disable server certificate verification. type: str choices: disable, enable
  - vpc_id - AWS VPC ID. type: str
Examples
# Template listing every parameter; keep only the fields your connector type uses.
- hosts: fortigates
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
    vdom: "root"
    ansible_httpapi_use_ssl: yes
    # "no" skips validation of the FortiGate's TLS certificate on the API connection.
    ansible_httpapi_validate_certs: no
    ansible_httpapi_port: 443
  tasks:
    - name: Configure connection to SDN Connector.
      fortios_system_sdn_connector:
        vdom: "{{ vdom }}"
        state: "present"
        access_token: "<your_own_value>"
        system_sdn_connector:
          access_key: "<your_own_value>"
          api_key: "<your_own_value>"
          azure_region: "global"
          client_id: "<your_own_value>"
          client_secret: "<your_own_value>"
          compartment_id: "<your_own_value>"
          compute_generation: "2"
          domain: "<your_own_value>"
          external_account_list:
            -
              external_id: "<your_own_value>"
              region_list:
                -
                  region: "<your_own_value>"
              role_arn: "<your_own_value>"
          external_ip:
            -
              name: "default_name_17"
          forwarding_rule:
            -
              rule_name: "<your_own_value>"
              target: "<your_own_value>"
          gcp_project: "<your_own_value>"
          gcp_project_list:
            -
              gcp_zone_list:
                -
                  name: "default_name_24"
              id: "25"
          group_name: "<your_own_value>"
          ha_status: "disable"
          ibm_region: "dallas"
          ibm_region_gen1: "us-south"
          ibm_region_gen2: "us-south"
          key_passwd: "<your_own_value>"
          login_endpoint: "<your_own_value>"
          name: "default_name_33"
          nic:
            -
              ip:
                -
                  name: "default_name_36"
                  public_ip: "<your_own_value>"
                  resource_group: "<your_own_value>"
              name: "default_name_39"
          oci_cert: "<your_own_value> (source certificate.local.name)"
          oci_fingerprint: "<your_own_value>"
          oci_region: "phoenix"
          oci_region_type: "commercial"
          password: "<your_own_value>"
          private_key: "<your_own_value>"
          region: "<your_own_value>"
          resource_group: "<your_own_value>"
          resource_url: "<your_own_value>"
          route:
            -
              name: "default_name_50"
          route_table:
            -
              name: "default_name_52"
              resource_group: "<your_own_value>"
              route:
                -
                  name: "default_name_55"
                  next_hop: "<your_own_value>"
              subscription_id: "<your_own_value>"
          secret_key: "<your_own_value>"
          secret_token: "<your_own_value>"
          server: "192.168.100.40"
          server_list:
            -
              ip: "<your_own_value>"
          server_port: "0"
          service_account: "<your_own_value>"
          status: "disable"
          subscription_id: "<your_own_value>"
          tenant_id: "<your_own_value>"
          type: "aci"
          update_interval: "60"
          use_metadata_iam: "disable"
          user_id: "<your_own_value>"
          username: "<your_own_value>"
          vcenter_password: "<your_own_value>"
          vcenter_server: "<your_own_value>"
          vcenter_username: "<your_own_value>"
          # "disable" turns off server certificate verification for the connector.
          verify_certificate: "disable"
          vpc_id: "<your_own_value>"
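
A narrowed, hardened variant of the template above, as an added example that is not from the module's own documentation: one Kubernetes connector, with certificate verification enabled both on the Ansible-to-FortiGate connection and on the connector itself, and secrets read from variables instead of written inline. The variable names `vault_fortigate_access_token` and `vault_k8s_sa_token`, the connector name, the server address and the port are assumptions, as is the set of fields a Kubernetes connector needs on your FortiOS version.

```yaml
# Added example: single-type connector with TLS verification on and secrets from Ansible Vault.
- hosts: fortigates
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
    vdom: "root"
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: true   # validate the FortiGate's own certificate
    ansible_httpapi_port: 443
  tasks:
    - name: Configure a Kubernetes SDN connector with certificate verification
      fortios_system_sdn_connector:
        vdom: "{{ vdom }}"
        state: "present"
        # Hypothetical variable; define it in an Ansible Vault encrypted vars file.
        access_token: "{{ vault_fortigate_access_token }}"
        system_sdn_connector:
          name: "k8s-prod"          # constructed sample name
          type: "kubernetes"
          server: "192.0.2.10"      # constructed address (documentation range)
          server_port: 6443         # constructed port value
          # Hypothetical variable holding the service account token.
          secret_token: "{{ vault_k8s_sa_token }}"
          verify_certificate: "enable"
          update_interval: 60       # within the documented 30 - 3600 sec range
          status: "enable"
      no_log: true                  # keep token values out of task output and logs
```

Setting only the fields for one `type` also keeps credentials for unused providers (`access_key`, `client_secret`, `private_key` and so on) out of the playbook entirely.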
Return Values
Common return values are documented at https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values; the following fields are unique to this module:
- build - Build number of the FortiGate image returned: always type: str sample: 1547
- http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
- http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
- mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
- name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
- path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
- revision - Internal revision number returned: always type: str sample: 17.0.2.10658
- serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
- status - Indication of the operation's result returned: always type: str sample: success
- vdom - Virtual domain used returned: always type: str sample: root
- version - Version of the FortiGate returned: always type: str sample: v5.6.3