- source
fmgr_waf_profile_constraint_exception.py
- orphan
2.0.0
Warning
Starting in version 3.0.0, all input arguments will be named using the underscore naming convention (snake_case).
- Argument name before 3.0.0:
var-name
,var name
,var.name
- New argument name starting in 3.0.0:
var_name
FortiManager Ansible v2.4+ supports both previous argument name and new underscore name. You will receive deprecation warnings if you keep using the previous argument name. You can ignore the warning by setting deprecation_warnings=False in ansible.cfg.
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.x and v7.x.
The below requirements are needed on the host that executes this module.
- ansible>=2.15.0
Supported Version Ranges: v6.0.0 -> latest
- access_token -The token to access FortiManager without using username and password. type: str required: false
- bypass_validation - Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool required: false default: False
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- forticloud_access_token - Access token of forticloud managed API users, this option is available with FortiManager later than 6.4.0. type: str required: false
- proposed_method - The overridden method for the underlying Json RPC request. type: str required: false choices: set, update, add
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden. type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden. type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode. type: str required: false choices: global, custom adom including root
- workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock. type: integer required: false default: 300
- adom - The parameter in requested url type: str required: true
- profile - The parameter in requested url type: str required: true
- waf_profile_constraint_exception - HTTP constraint exception. type: dict
- address Host address. type: str
more...
Supported Version Ranges:
v6.0.0 -> latest
- content_length (Alias name: content-length) Http content length in request. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- header_length (Alias name: header-length) Http header length in request. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- hostname Enable/disable hostname check. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- id Exception id. type: int
more...
Supported Version Ranges:
v6.0.0 -> latest
- line_length (Alias name: line-length) Http line length in request. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- malformed Enable/disable malformed http request check. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- max_cookie (Alias name: max-cookie) Maximum number of cookies in http request. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- max_header_line (Alias name: max-header-line) Maximum number of http header line. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- max_range_segment (Alias name: max-range-segment) Maximum number of range segments in http range line. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- max_url_param (Alias name: max-url-param) Maximum number of parameters in url. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- method Enable/disable http method check. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- param_length (Alias name: param-length) Maximum length of parameter in url, http post request or http body. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- pattern Url pattern. type: str
more...
Supported Version Ranges:
v6.0.0 -> latest
- regex Enable/disable regular expression based pattern match. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- url_param_length (Alias name: url-param-length) Maximum length of parameter in url. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
- version Enable/disable http version check. type: str choices: [disable, enable]
more...
Supported Version Ranges:
v6.0.0 -> latest
Note
- Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work. - To create or update an object, use state: present directive. - To delete an object, use state: absent directive - Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
- name: Example playbook (generated based on argument schema)
hosts: fortimanagers
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: HTTP constraint exception.
fortinet.fortimanager.fmgr_waf_profile_constraint_exception:
# bypass_validation: false
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
# rc_succeeded: [0, -2, -3, ...]
# rc_failed: [-2, -3, ...]
adom: <your own value>
profile: <your own value>
state: present # <value in [present, absent]>
waf_profile_constraint_exception:
address: <string>
content_length: <value in [disable, enable]>
header_length: <value in [disable, enable]>
hostname: <value in [disable, enable]>
id: <integer>
line_length: <value in [disable, enable]>
malformed: <value in [disable, enable]>
max_cookie: <value in [disable, enable]>
max_header_line: <value in [disable, enable]>
max_range_segment: <value in [disable, enable]>
max_url_param: <value in [disable, enable]>
method: <value in [disable, enable]>
param_length: <value in [disable, enable]>
pattern: <string>
regex: <value in [disable, enable]>
url_param_length: <value in [disable, enable]>
version: <value in [disable, enable]>
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- meta - The result of the request.returned: always type: dict
- request_url - The full url requested. returned: always type: str sample: /sys/login/user
- response_code - The status of api request. returned: always type: int sample: 0
- response_data - The data body of the api response. returned: optional type: list or dict
- response_message - The descriptive message of the api response. returned: always type: str sample: OK
- system_information - The information of the target system. returned: always type: dict
- rc - The status the request. returned: always type: int sample: 0
- version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter not supported by the current FortiManager version type: list
- This module is not guaranteed to have a backwards compatible interface.
- Xinwei Du (@dux-fortinet)
- Xing Li (@lix-fortinet)
- Jie Xue (@JieX19)
- Link Zheng (@chillancezen)
- Frank Shen (@fshen01)
- Hongbin Lu (@fgtdev-hblu)