:source: fortios_system_automation_action.py :orphan: .. fortios_system_automation_action: fortios_system_automation_action -- Action for automation stitches in Fortinet's FortiOS and FortiGate. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.0.0 .. contents:: :local: :depth: 1 Synopsis -------- - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify system feature and automation_action category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0 Requirements ------------ The below requirements are needed on the host that executes this module. - ansible>=2.16 Tips ---- Using member operation to add an element to an existing object. FortiOS Version Compatibility ----------------------------- Supported Version Ranges: v6.0.0 -> v7.6.6 Parameters ---------- .. raw:: html

access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
enable_log - Enable/Disable logging for task. type: bool required: false default: False
vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
member_path - Member attribute path to operate on. type: str
member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
state - Indicates whether to create or remove the object. type: str required: true choices: present, absent
system_automation_action - Action for automation stitches. type: dict more...

Supported Version Ranges

system_automation_action v6.0.0 -> 7.6.6

accprofile - Access profile for CLI script action to access FortiGate features. Source system.accprofile.name. type: str more...

Supported Version Ranges

accprofile v7.0.0 -> 7.6.6

action_type - Action type. type: str choices: email, fortiexplorer-notification, alert, disable-ssid, system-actions, quarantine, quarantine-forticlient, quarantine-nsx, quarantine-fortinac, ban-ip, aws-lambda, azure-function, google-cloud-function, alicloud-function, webhook, cli-script, diagnose-script, regular-expression, slack-notification, microsoft-teams-notification, ios-notification more...

alicloud_access_key_id - AliCloud AccessKey ID. type: str more...

Supported Version Ranges

alicloud_access_key_id v6.2.0 -> 7.6.6
alicloud_access_key_secret - AliCloud AccessKey secret. type: str more...

Supported Version Ranges

alicloud_access_key_secret v6.2.0 -> 7.6.6
alicloud_account_id - AliCloud account ID. type: str more...

Supported Version Ranges

alicloud_account_id v6.2.0 -> v6.4.4
alicloud_function - AliCloud function name. type: str more...

Supported Version Ranges

alicloud_function v6.2.0 -> v6.4.4
alicloud_function_authorization - AliCloud function authorization type. type: str choices: anonymous, function more...

Supported Version Ranges

alicloud_function_authorization v6.2.0 -> 7.6.6

[anonymous] v6.2.0 -> 7.6.6
[function] v6.2.0 -> 7.6.6
alicloud_function_domain - AliCloud function domain. type: str more...

Supported Version Ranges

alicloud_function_domain v6.2.0 -> v6.4.4
alicloud_region - AliCloud region. type: str more...

Supported Version Ranges

alicloud_region v6.2.0 -> v6.4.4
alicloud_service - AliCloud service name. type: str more...

Supported Version Ranges

alicloud_service v6.2.0 -> v6.4.4
alicloud_version - AliCloud version. type: str more...

Supported Version Ranges

alicloud_version v6.2.0 -> v6.4.4
aws_api_id - AWS API Gateway ID. type: str more...

Supported Version Ranges

aws_api_id v6.0.0 -> v6.4.4
aws_api_key - AWS API Gateway API key. type: str more...

Supported Version Ranges

aws_api_key v6.0.0 -> 7.6.6
aws_api_path - AWS API Gateway path. type: str more...

Supported Version Ranges

aws_api_path v6.0.0 -> v6.4.4
aws_api_stage - AWS API Gateway deployment stage name. type: str more...

Supported Version Ranges

aws_api_stage v6.0.0 -> v6.4.4
aws_domain - AWS domain. type: str more...

Supported Version Ranges

aws_domain v6.0.0 -> v6.4.4
aws_region - AWS region. type: str more...

Supported Version Ranges

aws_region v6.0.0 -> v6.4.4
azure_api_key - Azure function API key. type: str more...

Supported Version Ranges

azure_api_key v6.2.0 -> 7.6.6
azure_app - Azure function application name. type: str more...

Supported Version Ranges

azure_app v6.2.0 -> v6.4.4
azure_domain - Azure function domain. type: str more...

Supported Version Ranges

azure_domain v6.2.0 -> v6.4.4
azure_function - Azure function name. type: str more...

Supported Version Ranges

azure_function v6.2.0 -> v6.4.4
azure_function_authorization - Azure function authorization level. type: str choices: anonymous, function, admin more...

Supported Version Ranges

azure_function_authorization v6.2.0 -> 7.6.6

[anonymous] v6.2.0 -> 7.6.6
[function] v6.2.0 -> 7.6.6
[admin] v6.2.0 -> 7.6.6
delay - Delay before execution (in seconds). type: int more...

Supported Version Ranges

delay v6.0.0 -> v7.0.0
description - Description. type: str more...

Supported Version Ranges

description v7.0.0 -> 7.6.6
duration - Maximum running time for this script in seconds. type: int more...

Supported Version Ranges

duration v7.6.1 -> 7.6.6
email_body - Email body. type: str more...

Supported Version Ranges

email_body v6.2.0 -> v6.2.7
email_from - Email sender name. type: str more...

Supported Version Ranges

email_from v6.2.0 -> 7.6.6
email_subject - Email subject. type: str more...

Supported Version Ranges

email_subject v6.0.0 -> 7.6.6
email_to - Email addresses. type: list member_path: email_to:name more...

Supported Version Ranges

email_to v6.0.0 -> 7.6.6

name - Email address. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> 7.6.6

execute_security_fabric - Enable/disable execution of CLI script on all or only one FortiGate unit in the Security Fabric. type: str choices: enable, disable more...

Supported Version Ranges

execute_security_fabric v7.0.2 -> 7.6.6

[enable] v7.0.2 -> 7.6.6
[disable] v7.0.2 -> 7.6.6
file_only - Enable/disable the output in files only. type: str choices: enable, disable more...

Supported Version Ranges

file_only v7.6.4 -> 7.6.6

[enable] v7.6.4 -> 7.6.6
[disable] v7.6.4 -> 7.6.6
form_data - Form data parts for content type multipart/form-data. type: list member_path: form_data:id more...

Supported Version Ranges

form_data v7.6.4 -> 7.6.6

id - Entry ID. see Notes. type: int required: true more...

Supported Version Ranges

id v7.6.4 -> 7.6.6
key - Key of the part of Multipart/form-data. type: str more...

Supported Version Ranges

key v7.6.4 -> 7.6.6
value - Value of the part of Multipart/form-data. type: str more...

Supported Version Ranges

value v7.6.4 -> 7.6.6

forticare_email - Enable/disable use of your FortiCare email address as the email-to address. type: str choices: enable, disable more...

Supported Version Ranges

forticare_email v7.4.0 -> 7.6.6

[enable] v7.4.0 -> 7.6.6
[disable] v7.4.0 -> 7.6.6
fos_message - Message content. type: str more...

Supported Version Ranges

fos_message v6.4.0 -> 7.6.6
gcp_function - Google Cloud function name. type: str more...

Supported Version Ranges

gcp_function v6.2.0 -> v6.4.4
gcp_function_domain - Google Cloud function domain. type: str more...

Supported Version Ranges

gcp_function_domain v6.2.0 -> v6.4.4
gcp_function_region - Google Cloud function region. type: str more...

Supported Version Ranges

gcp_function_region v6.2.0 -> v6.4.4
gcp_project - Google Cloud Platform project name. type: str more...

Supported Version Ranges

gcp_project v6.2.0 -> v6.4.4
headers - Request headers. type: list member_path: headers:header more...

Supported Version Ranges

headers v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0

header - Request header. type: str required: true more...

Supported Version Ranges

header v6.0.0 -> v7.0.5 v7.2.0 -> v7.2.0

http_body - Request body (if necessary). Should be serialized json string. type: str more...

Supported Version Ranges

http_body v6.0.0 -> 7.6.6
http_headers - Request headers. type: list member_path: http_headers:id more...

Supported Version Ranges

http_headers v7.0.6 -> v7.0.12 v7.2.1 -> 7.6.6

id - Entry ID. see Notes. type: int required: true more...

Supported Version Ranges

id v7.0.6 -> v7.0.12 v7.2.1 -> 7.6.6
key - Request header key. type: str more...

Supported Version Ranges

key v7.0.6 -> v7.0.12 v7.2.1 -> 7.6.6
value - Request header value. type: str more...

Supported Version Ranges

value v7.0.6 -> v7.0.12 v7.2.1 -> 7.6.6

log_debug_print - Enable/disable logging debug print output from diagnose action. type: str choices: enable, disable more...

Supported Version Ranges

log_debug_print v7.6.3 -> 7.6.6

[enable] v7.6.3 -> 7.6.6
[disable] v7.6.3 -> 7.6.6
message_type - Message type. type: str choices: text, json, form-data more...

Supported Version Ranges

message_type v7.0.0 -> 7.6.6

[text] v7.0.0 -> 7.6.6
[json] v7.0.0 -> 7.6.6
[form-data] v7.6.4 -> 7.6.6

method - Request method (POST, PUT, GET, PATCH or DELETE). type: str choices: post, put, get, patch, delete more...

minimum_interval - Limit execution to no more than once in this interval (in seconds). type: int more...

Supported Version Ranges

minimum_interval v6.0.0 -> 7.6.6
name - Name. type: str required: true more...

Supported Version Ranges

name v6.0.0 -> 7.6.6
output_interval - Collect the outputs for each output-interval in seconds (0 = no intermediate output). type: int more...

Supported Version Ranges

output_interval v7.6.4 -> 7.6.6
output_size - Number of megabytes to limit script output to (1 - 1024). type: int more...

Supported Version Ranges

output_size v7.2.0 -> 7.6.6
port - Protocol port. type: int more...

Supported Version Ranges

port v6.0.0 -> 7.6.6
protocol - Request protocol. type: str choices: http, https more...

Supported Version Ranges

protocol v6.0.0 -> 7.6.6

[http] v6.0.0 -> 7.6.6
[https] v6.0.0 -> 7.6.6
regular_expression - Regular expression string. type: str more...

Supported Version Ranges

regular_expression v7.6.1 -> 7.6.6
replacement_message - Enable/disable replacement message. type: str choices: enable, disable more...

Supported Version Ranges

replacement_message v7.0.0 -> 7.6.6

[enable] v7.0.0 -> 7.6.6
[disable] v7.0.0 -> 7.6.6
replacemsg_group - Replacement message group. Source system.replacemsg-group.name. type: str more...

Supported Version Ranges

replacemsg_group v7.0.0 -> 7.6.6
required - Required in action chain. type: str choices: enable, disable more...

Supported Version Ranges

required v6.0.0 -> v7.0.0

[enable] v6.0.0 -> v7.0.0
[disable] v6.0.0 -> v7.0.0
script - CLI script. type: str more...

Supported Version Ranges

script v6.2.0 -> 7.6.6
sdn_connector - NSX SDN connector names. type: list member_path: sdn_connector:name more...

Supported Version Ranges

sdn_connector v6.2.0 -> 7.6.6

name - SDN connector name. Source system.sdn-connector.name. type: str required: true more...

Supported Version Ranges

name v6.2.0 -> 7.6.6

security_tag - NSX security tag. type: str more...

Supported Version Ranges

security_tag v6.2.0 -> 7.6.6
system_action - System action type. type: str choices: reboot, shutdown, backup-config more...

Supported Version Ranges

system_action v7.2.1 -> 7.6.6

[reboot] v7.2.1 -> 7.6.6
[shutdown] v7.2.1 -> 7.6.6
[backup-config] v7.2.1 -> 7.6.6
timeout - Maximum running time for this script in seconds (0 = no timeout). type: int more...

Supported Version Ranges

timeout v7.2.0 -> 7.6.6
tls_certificate - Custom TLS certificate for API request. Source certificate.local.name. type: str more...

Supported Version Ranges

tls_certificate v6.2.0 -> 7.6.6
uri - Request API URI. type: str more...

Supported Version Ranges

uri v6.0.0 -> 7.6.6
verify_host_cert - Enable/disable verification of the remote host certificate. type: str choices: enable, disable more...

Supported Version Ranges

verify_host_cert v7.0.0 -> 7.6.6

[enable] v7.0.0 -> 7.6.6
[disable] v7.0.0 -> 7.6.6

Notes ----- .. note:: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks - The module supports check_mode. Examples -------- .. code-block:: yaml+jinja - name: Action for automation stitches. fortinet.fortios.fortios_system_automation_action: vdom: "{{ vdom }}" state: "present" access_token: "" system_automation_action: accprofile: " (source system.accprofile.name)" action_type: "email" alicloud_access_key_id: "" alicloud_access_key_secret: "" alicloud_account_id: "" alicloud_function: "" alicloud_function_authorization: "anonymous" alicloud_function_domain: "" alicloud_region: "" alicloud_service: "" alicloud_version: "" aws_api_id: "" aws_api_key: "" aws_api_path: "" aws_api_stage: "" aws_domain: "" aws_region: "" azure_api_key: "" azure_app: "" azure_domain: "" azure_function: "" azure_function_authorization: "anonymous" delay: "0" description: "" duration: "5" email_body: "" email_from: "" email_subject: "" email_to: - name: "default_name_32" execute_security_fabric: "enable" file_only: "enable" form_data: - id: "36" key: "" value: "" forticare_email: "enable" fos_message: "" gcp_function: "" gcp_function_domain: "" gcp_function_region: "" gcp_project: "" headers: - header: "" http_body: "" http_headers: - id: "49" key: "" value: "" log_debug_print: "enable" message_type: "text" method: "post" minimum_interval: "0" name: "default_name_56" output_interval: "0" output_size: "10" port: "0" protocol: "http" regular_expression: "" replacement_message: "enable" replacemsg_group: " (source system.replacemsg-group.name)" required: "enable" script: "" sdn_connector: - name: "default_name_67 (source system.sdn-connector.name)" security_tag: "" system_action: "reboot" timeout: "0" tls_certificate: " (source certificate.local.name)" uri: "" verify_host_cert: "enable" Return Values ------------- Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module: .. raw:: html

build - Build number of the fortigate image returned: always type: str sample: 1547
http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
revision - Internal revision number returned: always type: str sample: 17.0.2.10658
serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
status - Indication of the operation's result returned: always type: str sample: success
vdom - Virtual domain used returned: always type: str sample: root
version - Version of the FortiGate returned: always type: str sample: v5.6.3

Status ------ - This module is not guaranteed to have a backwards compatible interface. Authors ------- - Link Zheng (@chillancezen) - Jie Xue (@JieX19) - Hongbin Lu (@fgtdev-hblu) - Frank Shen (@frankshen01) - Miguel Angel Munoz (@mamunozgonzalez) - Nicolas Thomas (@thomnico) .. hint:: If you notice any issues in this documentation, you can create a pull request to improve it.

	Supported Version Ranges
system_automation_action	`v6.0.0 -> 7.6.6`

	Supported Version Ranges
action_type	`v6.0.0 -> 7.6.6`
[email]	`v6.0.0 -> 7.6.6`
[fortiexplorer-notification]	`v7.0.0 -> 7.6.6`
[alert]	`v6.0.0 -> 7.6.6`
[disable-ssid]	`v6.0.0 -> 7.6.6`
[system-actions]	`v7.2.1 -> 7.6.6`
[quarantine]	`v6.0.0 -> 7.6.6`
[quarantine-forticlient]	`v6.0.0 -> 7.6.6`
[quarantine-nsx]	`v6.2.0 -> 7.6.6`
[quarantine-fortinac]	`v6.4.0 -> v6.4.0`	`v6.4.4 -> 7.6.6`
[ban-ip]	`v6.0.0 -> 7.6.6`
[aws-lambda]	`v6.0.0 -> 7.6.6`
[azure-function]	`v6.2.0 -> 7.6.6`
[google-cloud-function]	`v6.2.0 -> 7.6.6`
[alicloud-function]	`v6.2.0 -> 7.6.6`
[webhook]	`v6.0.0 -> 7.6.6`
[cli-script]	`v6.2.0 -> 7.6.6`
[diagnose-script]	`v7.6.1 -> 7.6.6`
[regular-expression]	`v7.6.1 -> 7.6.6`
[slack-notification]	`v6.4.0 -> 7.6.6`
[microsoft-teams-notification]	`v7.0.0 -> 7.6.6`
[ios-notification]	`v6.0.0 -> v6.4.4`

	Supported Version Ranges
alicloud_access_key_id	`v6.2.0 -> 7.6.6`

	Supported Version Ranges
alicloud_access_key_secret	`v6.2.0 -> 7.6.6`

	Supported Version Ranges
alicloud_account_id	`v6.2.0 -> v6.4.4`

	Supported Version Ranges
alicloud_function_authorization	`v6.2.0 -> 7.6.6`
[anonymous]	`v6.2.0 -> 7.6.6`
[function]	`v6.2.0 -> 7.6.6`

	Supported Version Ranges
alicloud_function_domain	`v6.2.0 -> v6.4.4`

	Supported Version Ranges
azure_function_authorization	`v6.2.0 -> 7.6.6`
[anonymous]	`v6.2.0 -> 7.6.6`
[function]	`v6.2.0 -> 7.6.6`
[admin]	`v6.2.0 -> 7.6.6`

	Supported Version Ranges
execute_security_fabric	`v7.0.2 -> 7.6.6`
[enable]	`v7.0.2 -> 7.6.6`
[disable]	`v7.0.2 -> 7.6.6`

	Supported Version Ranges
file_only	`v7.6.4 -> 7.6.6`
[enable]	`v7.6.4 -> 7.6.6`
[disable]	`v7.6.4 -> 7.6.6`

	Supported Version Ranges
forticare_email	`v7.4.0 -> 7.6.6`
[enable]	`v7.4.0 -> 7.6.6`
[disable]	`v7.4.0 -> 7.6.6`

	Supported Version Ranges
gcp_function_domain	`v6.2.0 -> v6.4.4`

	Supported Version Ranges
gcp_function_region	`v6.2.0 -> v6.4.4`

	Supported Version Ranges
headers	`v6.0.0 -> v7.0.5`	`v7.2.0 -> v7.2.0`

	Supported Version Ranges
header	`v6.0.0 -> v7.0.5`	`v7.2.0 -> v7.2.0`

	Supported Version Ranges
http_headers	`v7.0.6 -> v7.0.12`	`v7.2.1 -> 7.6.6`

	Supported Version Ranges
value	`v7.0.6 -> v7.0.12`	`v7.2.1 -> 7.6.6`

	Supported Version Ranges
log_debug_print	`v7.6.3 -> 7.6.6`
[enable]	`v7.6.3 -> 7.6.6`
[disable]	`v7.6.3 -> 7.6.6`

	Supported Version Ranges
message_type	`v7.0.0 -> 7.6.6`
[text]	`v7.0.0 -> 7.6.6`
[json]	`v7.0.0 -> 7.6.6`
[form-data]	`v7.6.4 -> 7.6.6`

	Supported Version Ranges
method	`v6.0.0 -> 7.6.6`
[post]	`v6.0.0 -> 7.6.6`
[put]	`v6.0.0 -> 7.6.6`
[get]	`v6.0.0 -> 7.6.6`
[patch]	`v6.2.0 -> 7.6.6`
[delete]	`v6.2.0 -> 7.6.6`

	Supported Version Ranges
protocol	`v6.0.0 -> 7.6.6`
[http]	`v6.0.0 -> 7.6.6`
[https]	`v6.0.0 -> 7.6.6`

	Supported Version Ranges
replacement_message	`v7.0.0 -> 7.6.6`
[enable]	`v7.0.0 -> 7.6.6`
[disable]	`v7.0.0 -> 7.6.6`

	Supported Version Ranges
required	`v6.0.0 -> v7.0.0`
[enable]	`v6.0.0 -> v7.0.0`
[disable]	`v6.0.0 -> v7.0.0`

	Supported Version Ranges
system_action	`v7.2.1 -> 7.6.6`
[reboot]	`v7.2.1 -> 7.6.6`
[shutdown]	`v7.2.1 -> 7.6.6`
[backup-config]	`v7.2.1 -> 7.6.6`

	Supported Version Ranges
verify_host_cert	`v7.0.0 -> 7.6.6`
[enable]	`v7.0.0 -> 7.6.6`
[disable]	`v7.0.0 -> 7.6.6`