- source
fmgr_move.py
- orphan
2.0.0
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.x and v7.x.
The below requirements are needed on the host that executes this module.
- ansible>=2.15.0
- access_token -The token to access FortiManager without using username and password. type: str required: false
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- forticloud_access_token - Access token of forticloud managed API users, this option is available with FortiManager later than 6.4.0. type: str required: false
- workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode. type: str required: false choices: global, custom adom including root
- workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock. type: integer required: false default: 300
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden. type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden. type: list required: false
- move - Reorder Two Objects. type: dict
- action - Direction to indicate where to move an object entry. type: str required: true choices: before, after
- selector - Selector of the moved object. type: str choices:
- apcfgprofile_commandlist - available versions: v6.4.6->latest
- application_casi_profile_entries - available versions: v6.2.0->v6.2.12
- application_list_defaultnetworkservices - available versions: v6.2.0->latest
- application_list_entries - available versions: v6.0.0->latest
- application_list_entries_parameters - available versions: v6.0.0->latest
- bonjourprofile_policylist - available versions: v6.0.0->latest
- casb_profile - available versions: v7.4.1->latest
- casb_saasapplication - available versions: v7.4.1->latest
- casb_useractivity - available versions: v7.4.1->latest
- cifs_profile_filefilter_entries - available versions: v6.2.0->latest
- dlp_dictionary_entries - available versions: v7.2.0->latest
- dlp_filepattern_entries - available versions: v6.0.0->latest
- dlp_profile_rule - available versions: v7.2.0->latest
- dlp_sensor_entries - available versions: v7.2.0->latest
- dlp_sensor_filter - available versions: v6.0.0->latest
- dnsfilter_domainfilter_entries - available versions: v6.0.0->latest
- dnsfilter_urlfilter_entries - available versions: v6.2.0->v6.2.12
- emailfilter_blockallowlist_entries - available versions: v7.0.0->latest
- emailfilter_bwl_entries - available versions: v6.2.0->latest
- emailfilter_bword_entries - available versions: v6.2.0->latest
- emailfilter_profile_filefilter_entries - available versions: v6.2.0->latest
- endpointcontrol_fctems - available versions: v7.0.2->latest
- extendercontroller_extenderprofile_cellular_smsnotification_receiver - available versions: v7.0.2->latest
- extendercontroller_extenderprofile_lanextension_backhaul - available versions: v7.0.2->latest
- extensioncontroller_extenderprofile_cellular_smsnotification_receiver - available versions: v7.2.1->latest
- extensioncontroller_extenderprofile_lanextension_backhaul - available versions: v7.2.1->latest
- filefilter_profile_rules - available versions: v6.4.1->latest
- firewall_accessproxy - available versions: v7.0.0->latest
- firewall_accessproxy6 - available versions: v7.2.1->latest
- firewall_accessproxysshclientcert - available versions: v7.4.2->latest
- firewall_accessproxyvirtualhost - available versions: v7.0.1->latest
- firewall_carrierendpointbwl_entries - available versions: v6.0.0->latest
- firewall_casbprofile - available versions: v7.4.1->v7.4.1
- firewall_identitybasedroute - available versions: v6.0.0->latest
- firewall_profileprotocoloptions_cifs_filefilter_entries - available versions: v6.4.2->latest
- firewall_service_category - available versions: v6.0.0->latest
- firewall_service_custom - available versions: v6.0.0->latest
- firewall_shapingprofile_shapingentries - available versions: v6.0.0->latest
- firewall_vip - available versions: v6.0.0->latest
- firewall_vip6 - available versions: v6.0.0->latest
- ips_sensor_entries - available versions: v6.0.0->latest
- ips_sensor_filter - available versions: v6.0.0->v6.2.0
- mpskprofile_mpskgroup - available versions: v6.4.2->latest
- mpskprofile_mpskgroup_mpskkey - available versions: v6.4.2->latest
- pkg_authentication_rule - available versions: v6.2.1->latest
- pkg_central_dnat - available versions: v6.0.0->latest
- pkg_central_dnat6 - available versions: v6.4.2->latest
- pkg_firewall_acl - available versions: v7.2.0->v7.2.0
- pkg_firewall_acl6 - available versions: v7.2.0->v7.2.0
- pkg_firewall_centralsnatmap - available versions: v6.0.0->latest
- pkg_firewall_consolidated_policy - available versions: v6.2.0->latest
- pkg_firewall_dospolicy - available versions: v6.0.0->latest
- pkg_firewall_dospolicy6 - available versions: v6.0.0->latest
- pkg_firewall_explicitproxypolicy - available versions: v6.2.0->v6.2.12
- pkg_firewall_explicitproxypolicy_identitybasedpolicy - available versions: v6.2.0->v6.2.12
- pkg_firewall_hyperscalepolicy - available versions: v6.4.7->v6.4.14, v7.0.1->v7.2.0
- pkg_firewall_hyperscalepolicy46 - available versions: v6.4.7->v6.4.14, v7.0.1->v7.2.0
- pkg_firewall_hyperscalepolicy6 - available versions: v6.4.7->v6.4.14, v7.0.1->v7.2.0
- pkg_firewall_hyperscalepolicy64 - available versions: v6.4.7->v6.4.14, v7.0.1->v7.2.0
- pkg_firewall_interfacepolicy - available versions: v6.0.0->v7.2.2
- pkg_firewall_interfacepolicy6 - available versions: v6.0.0->v7.2.2
- pkg_firewall_localinpolicy - available versions: v6.0.0->latest
- pkg_firewall_localinpolicy6 - available versions: v6.0.0->latest
- pkg_firewall_multicastpolicy - available versions: v6.0.0->latest
- pkg_firewall_multicastpolicy6 - available versions: v6.0.0->latest
- pkg_firewall_policy - available versions: v6.0.0->latest
- pkg_firewall_policy46 - available versions: v6.0.0->latest
- pkg_firewall_policy6 - available versions: v6.0.0->latest
- pkg_firewall_policy64 - available versions: v6.0.0->latest
- pkg_firewall_proxypolicy - available versions: v6.0.0->latest
- pkg_firewall_securitypolicy - available versions: v6.2.1->latest
- pkg_firewall_shapingpolicy - available versions: v6.0.0->latest
- pkg_user_nacpolicy - available versions: v7.2.1->latest
- pm_config_pblock_firewall_consolidated_policy - available versions: v7.0.3->latest
- pm_config_pblock_firewall_policy - available versions: v7.0.3->latest
- pm_config_pblock_firewall_policy6 - available versions: v7.0.3->latest
- pm_config_pblock_firewall_securitypolicy - available versions: v7.0.3->latest
- spamfilter_bwl_entries - available versions: v6.0.0->v7.2.1
- spamfilter_bword_entries - available versions: v6.0.0->v7.2.1
- sshfilter_profile_filefilter_entries - available versions: v6.2.2->latest
- sshfilter_profile_shellcommands - available versions: v6.0.0->latest
- switchcontroller_dynamicportpolicy_policy - available versions: v7.2.1->latest
- switchcontroller_managedswitch - available versions: v6.0.0->latest
- system_sdnconnector_compartmentlist - available versions: v7.4.0->latest
- system_sdnconnector_externalaccountlist - available versions: v7.0.3->latest
- system_sdnconnector_externalip - available versions: v6.0.0->latest
- system_sdnconnector_forwardingrule - available versions: v7.0.2->latest
- system_sdnconnector_gcpprojectlist - available versions: v6.4.7->v6.4.14, v7.0.2->latest
- system_sdnconnector_nic - available versions: v6.0.0->latest
- system_sdnconnector_nic_ip - available versions: v6.0.0->latest
- system_sdnconnector_ociregionlist - available versions: v7.4.0->latest
- system_sdnconnector_route - available versions: v6.0.0->latest
- system_sdnconnector_routetable - available versions: v6.0.0->latest
- system_sdnconnector_routetable_route - available versions: v6.0.0->latest
- user_deviceaccesslist_devicelist - available versions: v6.2.2->v7.2.1
- vap_vlanname - available versions: v7.0.3->latest
- videofilter_profile_filters - available versions: v7.4.2->latest
- videofilter_profile_fortiguardcategory_filters - available versions: v7.0.0->latest
- videofilter_youtubechannelfilter_entries - available versions: v7.0.0->latest
- vpn_ipsec_fec_mappings - available versions: v7.2.0->latest
- vpn_ssl_settings_authenticationrule - available versions: v6.2.6->v6.2.12, v6.4.2->latest
- vpnsslweb_portal_bookmarkgroup - available versions: v6.0.0->latest
- vpnsslweb_portal_bookmarkgroup_bookmarks - available versions: v6.0.0->latest
- vpnsslweb_portal_splitdns - available versions: v6.0.0->latest
- wanprof_system_sdwan_members - available versions: v6.4.1->latest
- wanprof_system_sdwan_service - available versions: v6.4.1->latest
- wanprof_system_sdwan_service_sla - available versions: v6.4.1->latest
- wanprof_system_sdwan_zone - available versions: v6.4.1->latest
- wanprof_system_virtualwanlink_members - available versions: v6.0.0->latest
- wanprof_system_virtualwanlink_service - available versions: v6.0.0->latest
- wanprof_system_virtualwanlink_service_sla - available versions: v6.0.0->latest
- webfilter_contentheader_entries - available versions: v6.0.0->latest
- webfilter_profile_filefilter_entries - available versions: v6.2.0->latest
- webfilter_urlfilter_entries - available versions: v6.0.0->latest
- wireless_accesscontrollist_layer3ipv4rules - available versions: v7.2.1->latest
- wireless_accesscontrollist_layer3ipv6rules - available versions: v7.2.1->latest
- self - The parameter for each selector. type: dict choices:
- params for apcfgprofile_commandlist:
- adom
- apcfg-profile
- command-list
- params for application_casi_profile_entries:
- adom
- profile
- entries
- params for application_list_defaultnetworkservices:
- adom
- list
- default-network-services
- params for application_list_entries:
- adom
- list
- entries
- params for application_list_entries_parameters:
- adom
- list
- entries
- parameters
- params for bonjourprofile_policylist:
- adom
- bonjour-profile
- policy-list
- params for casb_profile:
- adom
- profile
- params for casb_saasapplication:
- adom
- saas-application
- params for casb_useractivity:
- adom
- user-activity
- params for cifs_profile_filefilter_entries:
- adom
- profile
- entries
- params for dlp_dictionary_entries:
- adom
- dictionary
- entries
- params for dlp_filepattern_entries:
- adom
- filepattern
- entries
- params for dlp_profile_rule:
- adom
- profile
- rule
- params for dlp_sensor_entries:
- adom
- sensor
- entries
- params for dlp_sensor_filter:
- adom
- sensor
- filter
- params for dnsfilter_domainfilter_entries:
- adom
- domain-filter
- entries
- params for dnsfilter_urlfilter_entries:
- adom
- urlfilter
- entries
- params for emailfilter_blockallowlist_entries:
- adom
- block-allow-list
- entries
- params for emailfilter_bwl_entries:
- adom
- bwl
- entries
- params for emailfilter_bword_entries:
- adom
- bword
- entries
- params for emailfilter_profile_filefilter_entries:
- adom
- profile
- entries
- params for endpointcontrol_fctems:
- adom
- fctems
- params for extendercontroller_extenderprofile_cellular_smsnotification_receiver:
- adom
- extender-profile
- receiver
- params for extendercontroller_extenderprofile_lanextension_backhaul:
- adom
- extender-profile
- backhaul
- params for extensioncontroller_extenderprofile_cellular_smsnotification_receiver:
- adom
- extender-profile
- receiver
- params for extensioncontroller_extenderprofile_lanextension_backhaul:
- adom
- extender-profile
- backhaul
- params for filefilter_profile_rules:
- adom
- profile
- rules
- params for firewall_accessproxy:
- adom
- access-proxy
- params for firewall_accessproxy6:
- adom
- access-proxy6
- params for firewall_accessproxysshclientcert:
- adom
- access-proxy-ssh-client-cert
- params for firewall_accessproxyvirtualhost:
- adom
- access-proxy-virtual-host
- params for firewall_carrierendpointbwl_entries:
- adom
- carrier-endpoint-bwl
- entries
- params for firewall_casbprofile:
- adom
- casb-profile
- params for firewall_identitybasedroute:
- adom
- identity-based-route
- params for firewall_profileprotocoloptions_cifs_filefilter_entries:
- adom
- profile-protocol-options
- entries
- params for firewall_service_category:
- adom
- category
- params for firewall_service_custom:
- adom
- custom
- params for firewall_shapingprofile_shapingentries:
- adom
- shaping-profile
- shaping-entries
- params for firewall_vip:
- adom
- vip
- params for firewall_vip6:
- adom
- vip6
- params for ips_sensor_entries:
- adom
- sensor
- entries
- params for ips_sensor_filter:
- adom
- sensor
- filter
- params for mpskprofile_mpskgroup:
- adom
- mpsk-profile
- mpsk-group
- params for mpskprofile_mpskgroup_mpskkey:
- adom
- mpsk-profile
- mpsk-group
- mpsk-key
- params for pkg_authentication_rule:
- adom
- pkg
- rule
- params for pkg_central_dnat:
- adom
- pkg
- dnat
- params for pkg_central_dnat6:
- adom
- pkg
- dnat6
- params for pkg_firewall_acl:
- adom
- pkg
- acl
- params for pkg_firewall_acl6:
- adom
- pkg
- acl6
- params for pkg_firewall_centralsnatmap:
- adom
- pkg
- central-snat-map
- params for pkg_firewall_consolidated_policy:
- adom
- pkg
- policy
- params for pkg_firewall_dospolicy:
- adom
- pkg
- DoS-policy
- params for pkg_firewall_dospolicy6:
- adom
- pkg
- DoS-policy6
- params for pkg_firewall_explicitproxypolicy:
- adom
- pkg
- explicit-proxy-policy
- params for pkg_firewall_explicitproxypolicy_identitybasedpolicy:
- adom
- pkg
- explicit-proxy-policy
- identity-based-policy
- params for pkg_firewall_hyperscalepolicy:
- adom
- pkg
- hyperscale-policy
- params for pkg_firewall_hyperscalepolicy46:
- adom
- pkg
- hyperscale-policy46
- params for pkg_firewall_hyperscalepolicy6:
- adom
- pkg
- hyperscale-policy6
- params for pkg_firewall_hyperscalepolicy64:
- adom
- pkg
- hyperscale-policy64
- params for pkg_firewall_interfacepolicy:
- adom
- pkg
- interface-policy
- params for pkg_firewall_interfacepolicy6:
- adom
- pkg
- interface-policy6
- params for pkg_firewall_localinpolicy:
- adom
- pkg
- local-in-policy
- params for pkg_firewall_localinpolicy6:
- adom
- pkg
- local-in-policy6
- params for pkg_firewall_multicastpolicy:
- adom
- pkg
- multicast-policy
- params for pkg_firewall_multicastpolicy6:
- adom
- pkg
- multicast-policy6
- params for pkg_firewall_policy:
- adom
- pkg
- policy
- params for pkg_firewall_policy46:
- adom
- pkg
- policy46
- params for pkg_firewall_policy6:
- adom
- pkg
- policy6
- params for pkg_firewall_policy64:
- adom
- pkg
- policy64
- params for pkg_firewall_proxypolicy:
- adom
- pkg
- proxy-policy
- params for pkg_firewall_securitypolicy:
- adom
- pkg
- security-policy
- params for pkg_firewall_shapingpolicy:
- adom
- pkg
- shaping-policy
- params for pkg_user_nacpolicy:
- adom
- pkg
- nac-policy
- params for pm_config_pblock_firewall_consolidated_policy:
- adom
- pblock
- policy
- params for pm_config_pblock_firewall_policy:
- adom
- pblock
- policy
- params for pm_config_pblock_firewall_policy6:
- adom
- pblock
- policy6
- params for pm_config_pblock_firewall_securitypolicy:
- adom
- pblock
- security-policy
- params for spamfilter_bwl_entries:
- adom
- bwl
- entries
- params for spamfilter_bword_entries:
- adom
- bword
- entries
- params for sshfilter_profile_filefilter_entries:
- adom
- profile
- entries
- params for sshfilter_profile_shellcommands:
- adom
- profile
- shell-commands
- params for switchcontroller_dynamicportpolicy_policy:
- adom
- dynamic-port-policy
- policy
- params for switchcontroller_managedswitch:
- adom
- managed-switch
- params for system_sdnconnector_compartmentlist:
- adom
- sdn-connector
- compartment-list
- params for system_sdnconnector_externalaccountlist:
- adom
- sdn-connector
- external-account-list
- params for system_sdnconnector_externalip:
- adom
- sdn-connector
- external-ip
- params for system_sdnconnector_forwardingrule:
- adom
- sdn-connector
- forwarding-rule
- params for system_sdnconnector_gcpprojectlist:
- adom
- sdn-connector
- gcp-project-list
- params for system_sdnconnector_nic:
- adom
- sdn-connector
- nic
- params for system_sdnconnector_nic_ip:
- adom
- sdn-connector
- nic
- ip
- params for system_sdnconnector_ociregionlist:
- adom
- sdn-connector
- oci-region-list
- params for system_sdnconnector_route:
- adom
- sdn-connector
- route
- params for system_sdnconnector_routetable:
- adom
- sdn-connector
- route-table
- params for system_sdnconnector_routetable_route:
- adom
- sdn-connector
- route-table
- route
- params for user_deviceaccesslist_devicelist:
- adom
- device-access-list
- device-list
- params for vap_vlanname:
- adom
- vap
- vlan-name
- params for videofilter_profile_filters:
- adom
- profile
- filters
- params for videofilter_profile_fortiguardcategory_filters:
- adom
- profile
- filters
- params for videofilter_youtubechannelfilter_entries:
- adom
- youtube-channel-filter
- entries
- params for vpn_ipsec_fec_mappings:
- adom
- fec
- mappings
- params for vpn_ssl_settings_authenticationrule:
- device
- vdom
- authentication-rule
- params for vpnsslweb_portal_bookmarkgroup:
- adom
- portal
- bookmark-group
- params for vpnsslweb_portal_bookmarkgroup_bookmarks:
- adom
- portal
- bookmark-group
- bookmarks
- params for vpnsslweb_portal_splitdns:
- adom
- portal
- split-dns
- params for wanprof_system_sdwan_members:
- adom
- wanprof
- members
- params for wanprof_system_sdwan_service:
- adom
- wanprof
- service
- params for wanprof_system_sdwan_service_sla:
- adom
- wanprof
- service
- sla
- params for wanprof_system_sdwan_zone:
- adom
- wanprof
- zone
- params for wanprof_system_virtualwanlink_members:
- adom
- wanprof
- members
- params for wanprof_system_virtualwanlink_service:
- adom
- wanprof
- service
- params for wanprof_system_virtualwanlink_service_sla:
- adom
- wanprof
- service
- sla
- params for webfilter_contentheader_entries:
- adom
- content-header
- entries
- params for webfilter_profile_filefilter_entries:
- adom
- profile
- entries
- params for webfilter_urlfilter_entries:
- adom
- urlfilter
- entries
- params for wireless_accesscontrollist_layer3ipv4rules:
- adom
- access-control-list
- layer3-ipv4-rules
- params for wireless_accesscontrollist_layer3ipv6rules:
- adom
- access-control-list
- layer3-ipv6-rules
- target - Key to the target entry. type: str required: true
Note
- Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
- Selector is a mandatory parameter for the module, and the params is varying depending on the selector.
- Semantic description for the module: move
self
action(before or after)
target
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
- name: Move an object
hosts: fortimanagers
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Move a firewall vip object
fortinet.fortimanager.fmgr_move:
move:
selector: "firewall_vip"
target: "ansible-test-vip_first"
action: "before"
self:
adom: "root"
vip: "ansible-test-vip_second"
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- meta - The result of the request.returned: always type: dict
- request_url - The full url requested. returned: always type: str sample: /sys/login/user
- response_code - The status of api request. returned: always type: int sample: 0
- response_data - The data body of the api response. returned: optional type: list or dict
- response_message - The descriptive message of the api response. returned: always type: str sample: OK
- system_information - The information of the target system. returned: always type: dict
- rc - The status the request. returned: always type: int 0
- version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least on parameter mpt supported by the current FortiManager version type: list 0
- This module is not guaranteed to have a backwards compatible interface.
- Xinwei Du (@dux-fortinet)
- Xing Li (@lix-fortinet)
- Jie Xue (@JieX19)
- Link Zheng (@chillancezen)
- Frank Shen (@fshen01)
- Hongbin Lu (@fgtdev-hblu)
Hint
If you notice any issues in this documentation, you can create a pull request to improve it.