:source: fortios_web_proxy_profile.py
:orphan:
.. fortios_web_proxy_profile:
fortios_web_proxy_profile -- Configure web proxy profiles in Fortinet's FortiOS and FortiGate.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.. versionadded:: 2.0.0
.. contents::
:local:
:depth: 1
Synopsis
--------
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify web_proxy feature and profile category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
Requirements
------------
The below requirements are needed on the host that executes this module.
- ansible>=2.16
Tips
----
Using member operation to add an element to an existing object.
FortiOS Version Compatibility
-----------------------------
Supported Version Ranges: v6.0.0 -> v7.6.6
Parameters
----------
.. raw:: html
access_token - Token-based authentication. Generated from GUI of Fortigate. type: strrequired: false
enable_log - Enable/Disable logging for task. type: boolrequired: falsedefault: False
vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: strdefault: root
member_path - Member attribute path to operate on. type: str
member_state - Add or delete a member under specified attribute path. type: strchoices: present, absent
state - Indicates whether to create or remove the object. type: strrequired: truechoices: present, absent
web_proxy_profile - Configure web proxy profiles. type: dict more...
Supported Version Ranges
web_proxy_profile
v6.0.0 -> 7.6.6
header_client_cert - Action to take on the HTTP Client-Cert/Client-Cert-Chain headers in forwarded responses: forwards (pass), adds, or removes the HTTP header. type: strchoices: pass, add, remove more...
Supported Version Ranges
header_client_cert
v7.6.5 -> 7.6.6
[pass]
v7.6.5 -> 7.6.6
[add]
v7.6.5 -> 7.6.6
[remove]
v7.6.5 -> 7.6.6
header_client_ip - Action to take on the HTTP client-IP header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: strchoices: pass, add, remove more...
Supported Version Ranges
header_client_ip
v6.0.0 -> 7.6.6
[pass]
v6.0.0 -> 7.6.6
[add]
v6.0.0 -> 7.6.6
[remove]
v6.0.0 -> 7.6.6
header_front_end_https - Action to take on the HTTP front-end-HTTPS header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: strchoices: pass, add, remove more...
Supported Version Ranges
header_front_end_https
v6.0.0 -> 7.6.6
[pass]
v6.0.0 -> 7.6.6
[add]
v6.0.0 -> 7.6.6
[remove]
v6.0.0 -> 7.6.6
header_via_request - Action to take on the HTTP via header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: strchoices: pass, add, remove more...
Supported Version Ranges
header_via_request
v6.0.0 -> 7.6.6
[pass]
v6.0.0 -> 7.6.6
[add]
v6.0.0 -> 7.6.6
[remove]
v6.0.0 -> 7.6.6
header_via_response - Action to take on the HTTP via header in forwarded responses: forwards (pass), adds, or removes the HTTP header. type: strchoices: pass, add, remove more...
Supported Version Ranges
header_via_response
v6.0.0 -> 7.6.6
[pass]
v6.0.0 -> 7.6.6
[add]
v6.0.0 -> 7.6.6
[remove]
v6.0.0 -> 7.6.6
header_x_authenticated_groups - Action to take on the HTTP x-authenticated-groups header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: strchoices: pass, add, remove more...
Supported Version Ranges
header_x_authenticated_groups
v6.0.0 -> 7.6.6
[pass]
v6.0.0 -> 7.6.6
[add]
v6.0.0 -> 7.6.6
[remove]
v6.0.0 -> 7.6.6
header_x_authenticated_user - Action to take on the HTTP x-authenticated-user header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: strchoices: pass, add, remove more...
Supported Version Ranges
header_x_authenticated_user
v6.0.0 -> 7.6.6
[pass]
v6.0.0 -> 7.6.6
[add]
v6.0.0 -> 7.6.6
[remove]
v6.0.0 -> 7.6.6
header_x_forwarded_client_cert - Action to take on the HTTP x-forwarded-client-cert header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: strchoices: pass, add, remove more...
Supported Version Ranges
header_x_forwarded_client_cert
v7.0.1 -> 7.6.6
[pass]
v7.0.1 -> 7.6.6
[add]
v7.0.1 -> 7.6.6
[remove]
v7.0.1 -> 7.6.6
header_x_forwarded_for - Action to take on the HTTP x-forwarded-for header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: strchoices: pass, add, remove more...
name - Profile name. type: strrequired: true more...
Supported Version Ranges
name
v6.0.0 -> 7.6.6
strip_encoding - Enable/disable stripping unsupported encoding from the request header. type: strchoices: enable, disable more...
Supported Version Ranges
strip_encoding
v6.0.0 -> 7.6.6
[enable]
v6.0.0 -> 7.6.6
[disable]
v6.0.0 -> 7.6.6
Notes
-----
.. note::
- Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks
- The module supports check_mode.
Examples
--------
.. code-block:: yaml+jinja
- name: Configure web proxy profiles.
fortinet.fortios.fortios_web_proxy_profile:
vdom: "{{ vdom }}"
state: "present"
access_token: ""
web_proxy_profile:
header_client_cert: "pass"
header_client_ip: "pass"
header_front_end_https: "pass"
header_via_request: "pass"
header_via_response: "pass"
header_x_authenticated_groups: "pass"
header_x_authenticated_user: "pass"
header_x_forwarded_client_cert: "pass"
header_x_forwarded_for: "pass"
headers:
-
action: "add-to-request"
add_option: "append"
base64_encoding: "disable"
content: ""
dstaddr:
-
name: "default_name_18 (source firewall.address.name firewall.addrgrp.name)"
dstaddr6:
-
name: "default_name_20 (source firewall.address6.name firewall.addrgrp6.name)"
id: "21"
name: "default_name_22"
protocol: "https"
log_header_change: "enable"
name: "default_name_25"
strip_encoding: "enable"
Return Values
-------------
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
.. raw:: html
build - Build number of the fortigate image returned: alwaystype: strsample: 1547
http_method - Last method used to provision the content into FortiGate returned: alwaystype: strsample: PUT
http_status - Last result given by FortiGate on last operation applied returned: alwaystype: strsample: 200
mkey - Master key (id) used in the last call to FortiGate returned: successtype: strsample: id
name - Name of the table used to fulfill the request returned: alwaystype: strsample: urlfilter
path - Path of the table used to fulfill the request returned: alwaystype: strsample: webfilter
revision - Internal revision number returned: alwaystype: strsample: 17.0.2.10658
serial - Serial number of the unit returned: alwaystype: strsample: FGVMEVYYQT3AB5352
status - Indication of the operation's result returned: alwaystype: strsample: success
vdom - Virtual domain used returned: alwaystype: strsample: root
version - Version of the FortiGate returned: alwaystype: strsample: v5.6.3
Status
------
- This module is not guaranteed to have a backwards compatible interface.
Authors
-------
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Hongbin Lu (@fgtdev-hblu)
- Frank Shen (@frankshen01)
- Miguel Angel Munoz (@mamunozgonzalez)
- Nicolas Thomas (@thomnico)
.. hint::
If you notice any issues in this documentation, you can create a pull request to improve it.