:source: fmgd_system_global.py :orphan: .. _fmgd_system_global: fmgd_system_global -- Configure global attributes. ++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 1.0.0 .. contents:: :local: :depth: 1 Synopsis -------- - This module is able to configure a FortiManager device. - Examples include all parameters and values need to be adjusted to data sources before usage. - Tested with FortiManager v7.x. Requirements ------------ The below requirements are needed on the host that executes this module. - ansible-core>=2.16.0 FortiManager Version Compatibility ---------------------------------- .. raw:: html

Supported Version Ranges: v7.2.6 -> v7.2.12, v7.4.3 -> latest

Parameters ---------- .. raw:: html Notes ----- .. note:: - Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work. - To create or update an object, use state: present directive. - To delete an object, use state: absent directive - Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded Examples -------- .. code-block:: yaml+jinja - name: Example playbook (generated based on argument schema) hosts: fortimanagers connection: httpapi gather_facts: false vars: ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false ansible_httpapi_port: 443 tasks: - name: Configure global attributes. fortinet.fmgdevice.fmgd_system_global: # bypass_validation: false # workspace_locking_adom: # workspace_locking_timeout: 300 # rc_succeeded: [0, -2, -3, ...] # rc_failed: [-2, -3, ...] device: system_global: # admin_https_redirect: # admin_port: # admin_scp: # admin_sport: # admin_ssh_port: # admin_ssh_v1: # admintimeout: # gui_device_latitude: # gui_device_longitude: # gui_ipv6: # gui_theme: # hostname: # language: # timezone: # - "00" # - "01" # - "02" # - "03" # - "04" # - "05" # - "06" # - "07" # - "08" # - "09" # - "10" # - "11" # - "12" # - "13" # - "14" # - "15" # - "16" # - "17" # - "18" # - "19" # - "20" # - "21" # - "22" # - "23" # - "24" # - "25" # - "26" # - "27" # - "28" # - "29" # - "30" # - "31" # - "32" # - "33" # - "34" # - "35" # - "36" # - "37" # - "38" # - "39" # - "40" # - "41" # - "42" # - "43" # - "44" # - "45" # - "46" # - "47" # - "48" # - "49" # - "50" # - "51" # - "52" # - "53" # - "54" # - "55" # - "56" # - "57" # - "58" # - "59" # - "60" # - "61" # - "62" # - "63" # - "64" # - "65" # - "66" # - "67" # - "68" # - "69" # - "70" # - "71" # - "72" # - "73" # - "74" # - "75" # - "76" # - "77" # - "78" # - "79" # - "80" # - "81" # - "82" # - "83" # - "84" # - "85" # - "86" # - "87" # gui_lines_per_page: # check_reset_range: # pmtu_discovery: # gui_allow_incompatible_fabric_fgt: # admin_restrict_local: # gui_workflow_management: # send_pmtu_icmp: # tcp_halfclose_timer: # admin_server_cert: # dnsproxy_worker_count: # show_backplane_intf: # gui_custom_language: # ldapconntimeout: # auth_https_port: # revision_backup_on_logout: # arp_max_entry: # long_vdom_name: # pre_login_banner: # qsfpdd_split8_port: # max_route_cache_size: # fortitoken_cloud_push_status: # ssh_hostkey_override: # proxy_hardware_acceleration: # switch_controller_reserved_network: # ssd_trim_date: # wad_worker_count: # ssh_hostkey: # wireless_controller_port: # fgd_alert_subscription: # - "advisory" # - "latest-threat" # - "latest-virus" # - "latest-attack" # - "new-antivirus-db" # - "new-attack-db" # forticontroller_proxy_port: # dh_params: # memory_use_threshold_green: # proxy_cert_use_mgmt_vdom: # proxy_auth_lifetime_timeout: # gui_auto_upgrade_setup_warning: # gui_cdn_usage: # two_factor_email_expiry: # udp_idle_timer: # interface_subnet_usage: # forticontroller_proxy: # ssh_enc_algo: # - "chacha20-poly1305@openssh.com" # - "aes128-ctr" # - "aes192-ctr" # - "aes256-ctr" # - "arcfour256" # - "arcfour128" # - "aes128-cbc" # - "3des-cbc" # - "blowfish-cbc" # - "cast128-cbc" # - "aes192-cbc" # - "aes256-cbc" # - "arcfour" # - "rijndael-cbc@lysator.liu.se" # - "aes128-gcm@openssh.com" # - "aes256-gcm@openssh.com" # block_session_timer: # quic_pmtud: # admin_https_ssl_ciphersuites: # - "TLS-AES-128-GCM-SHA256" # - "TLS-AES-256-GCM-SHA384" # - "TLS-CHACHA20-POLY1305-SHA256" # - "TLS-AES-128-CCM-SHA256" # - "TLS-AES-128-CCM-8-SHA256" # security_rating_result_submission: # user_device_store_max_unified_mem: # management_port: # fortigslb_integration: # admin_https_ssl_versions: # - "tlsv1-0" # - "tlsv1-1" # - "tlsv1-2" # - "sslv3" # - "tlsv1-3" # cert_chain_max: # qsfp28_40g_port: # strong_crypto: # multi_factor_authentication: # fds_statistics: # gui_display_hostname: # two_factor_ftk_expiry: # wad_source_affinity: # ssl_static_key_ciphers: # daily_restart: # snat_route_change: # tcp_rst_timer: # anti_replay: # ssl_min_proto_version: # speedtestd_server_port: # cpu_use_threshold: # admin_host: # csr_ca_attribute: # fortiservice_port: # ssd_trim_hour: # purdue_level: # management_vdom: # quic_ack_thresold: # qsfpdd_100g_port: # ips_affinity: # vip_arp_range: # internet_service_database: # revision_image_auto_backup: # sflowd_max_children_num: # admin_https_pki_required: # special_file_23_support: # npu_neighbor_update: # log_single_cpu_high: # management_ip: # proxy_resource_mode: # admin_ble_button: # gui_firmware_upgrade_warning: # dp_tcp_normal_timer: # ipv6_allow_traffic_redirect: # cli_audit_log: # memory_use_threshold_extreme: # ha_affinity: # restart_time: # speedtestd_ctrl_port: # gui_wireless_opensecurity: # memory_use_threshold_red: # dp_fragment_timer: # wad_restart_start_time: # proxy_re_authentication_time: # gui_app_detection_sdwan: # scanunit_count: # tftp: # xstools_update_frequency: # clt_cert_req: # fortiextender_vlan_mode: # auth_http_port: # per_user_bal: # gui_date_format: # log_uuid_address: # cloud_communication: # lldp_reception: # two_factor_ftm_expiry: # quic_udp_payload_size_shaping_per_cid: # autorun_log_fsck: # vpn_ems_sn_check: # admin_ssh_password: # airplane_mode: # batch_cmdb: # ip_src_port_range: # strict_dirty_session_check: # user_device_store_max_devices: # dp_udp_idle_timer: # internal_switch_speed: # - "auto" # - "10full" # - "10half" # - "100full" # - "100half" # - "1000full" # - "1000auto" # forticonverter_config_upload: # ipsec_round_robin: # wad_affinity: # wifi_ca_certificate: # wimax_4g_usb: # miglog_affinity: # faz_disk_buffer_size: # ssh_kex_algo: # - "diffie-hellman-group1-sha1" # - "diffie-hellman-group14-sha1" # - "diffie-hellman-group-exchange-sha1" # - "diffie-hellman-group-exchange-sha256" # - "curve25519-sha256@libssh.org" # - "ecdh-sha2-nistp256" # - "ecdh-sha2-nistp384" # - "ecdh-sha2-nistp521" # - "diffie-hellman-group14-sha256" # - "diffie-hellman-group16-sha512" # - "diffie-hellman-group18-sha512" # auto_auth_extension_device: # forticarrier_bypass: # reset_sessionless_tcp: # early_tcp_npu_session: # http_unauthenticated_request_limit: # gui_local_out: # tcp_option: # proxy_auth_timeout: # fortiextender_discovery_lockdown: # lldp_transmission: # split_port: # gui_certificates: # cfg_save: # auth_keepalive: # split_port_mode: # - interface: # split_mode: # admin_forticloud_sso_login: # post_login_banner: # br_fdb_max_entry: # admin_telnet_port: # ip_fragment_mem_thresholds: # fortiextender_provision_on_authorization: # reboot_upon_config_restore: # syslog_affinity: # fortiextender_data_port: # quic_tls_handshake_timeout: # forticonverter_integration: # proxy_keep_alive_mode: # cmdbsvr_affinity: # wad_memory_change_granularity: # dhcp_lease_backup_interval: # check_protocol_header: # av_failopen_session: # ipsec_ha_seqjump_rate: # admin_hsts_max_age: # igmp_state_limit: # admin_login_max: # ipv6_allow_multicast_probe: # virtual_switch_vlan: # admin_lockout_threshold: # dp_pinhole_timer: # wireless_controller: # bfd_affinity: # ssd_trim_freq: # two_factor_sms_expiry: # traffic_priority: # proxy_and_explicit_proxy: # sslvpn_web_mode: # ssh_hostkey_password: # wad_csvc_db_count: # ipv6_allow_anycast_probe: # honor_df: # hyper_scale_vdom_num: # wad_csvc_cs_count: # internal_switch_mode: # cfg_revert_timeout: # admin_concurrent: # ipv6_allow_local_in_silent_drop: # tcp_halfopen_timer: # switch_controller: # dp_rsync_timer: # management_port_use_admin_sport: # gui_forticare_registration_setup_warning: # gui_replacement_message_groups: # security_rating_run_on_schedule: # admin_lockout_duration: # optimize_flow_mode: # private_data_encryption: # wireless_mode: # alias: # ssh_hostkey_algo: # - "ssh-rsa" # - "ecdsa-sha2-nistp521" # - "rsa-sha2-256" # - "rsa-sha2-512" # - "ssh-ed25519" # - "ecdsa-sha2-nistp384" # - "ecdsa-sha2-nistp256" # fortitoken_cloud: # av_affinity: # proxy_worker_count: # ipsec_asic_offload: # miglogd_children: # sslvpn_max_worker_count: # ssh_mac_algo: # - "hmac-md5" # - "hmac-md5-etm@openssh.com" # - "hmac-md5-96" # - "hmac-md5-96-etm@openssh.com" # - "hmac-sha1" # - "hmac-sha1-etm@openssh.com" # - "hmac-sha2-256" # - "hmac-sha2-256-etm@openssh.com" # - "hmac-sha2-512" # - "hmac-sha2-512-etm@openssh.com" # - "hmac-ripemd160" # - "hmac-ripemd160@openssh.com" # - "hmac-ripemd160-etm@openssh.com" # - "umac-64@openssh.com" # - "umac-128@openssh.com" # - "umac-64-etm@openssh.com" # - "umac-128-etm@openssh.com" # url_filter_count: # wifi_certificate: # radius_port: # sys_perf_log_interval: # gui_fortigate_cloud_sandbox: # auth_cert: # fortiextender: # admin_reset_button: # av_failopen: # user_device_store_max_users: # auth_session_limit: # ipv6_allow_local_in_slient_drop: # quic_congestion_control_algo: # auth_ike_saml_port: # wad_restart_end_time: # http_request_limit: # irq_time_accounting: # remoteauthtimeout: # admin_https_ssl_banned_ciphers: # - "RSA" # - "DHE" # - "ECDHE" # - "DSS" # - "ECDSA" # - "AES" # - "AESGCM" # - "CAMELLIA" # - "3DES" # - "SHA1" # - "SHA256" # - "SHA384" # - "STATIC" # - "CHACHA20" # - "ARIA" # - "AESCCM" # allow_traffic_redirect: # legacy_poe_device_support: # wad_restart_mode: # fds_statistics_period: # admin_telnet: # ipv6_accept_dad: # tcp_timewait_timer: # admin_console_timeout: # default_service_source_port: # quic_max_datagram_size: # refresh: # extender_controller_reserved_network: # url_filter_affinity: # policy_auth_concurrent: # ipsec_hmac_offload: # traffic_priority_level: # ipsec_qat_offload: # ssd_trim_min: # gui_date_time_source: # log_ssl_connection: # ndp_max_entry: # vdom_mode: # internet_service_download_list: # fortitoken_cloud_sync_interval: # ssd_trim_weekday: # two_factor_fac_expiry: # gui_rest_api_cache: # admin_forticloud_sso_default_profile: # proxy_auth_lifetime: # device_idle_timeout: # login_timestamp: # speedtest_server: # edit_vdom_prompt: # gui_cdn_domain_override: # admin_ssh_grace_time: # sslvpn_ems_sn_check: # user_server_cert: # gui_allow_default_hostname: # proxy_re_authentication_mode: # ipsec_soft_dec_async: # admin_maintainer: # dst: # fec_port: # ssh_kex_sha1: # ssh_mac_weak: # sslvpn_cipher_hardware_acceleration: # sys_file_check_interval: # ssh_hmac_md5: # ssh_cbc_cipher: # gui_fortiguard_resource_fetch: # sslvpn_kxp_hardware_acceleration: # sslvpn_plugin_version_check: # fortiipam_integration: # gui_firmware_upgrade_setup_warning: # log_uuid_policy: # per_user_bwl: # gui_fortisandbox_cloud: # fortitoken_cloud_service: # hw_switch_ether_filter: # virtual_server_count: # endpoint_control_fds_access: # proxy_cipher_hardware_acceleration: # proxy_kxp_hardware_acceleration: # virtual_server_hardware_acceleration: # user_history_password_threshold: # delay_tcp_npu_session: # auth_session_auto_backup_interval: # ip_conflict_detection: # gtpu_dynamic_source_port: # ip_fragment_timeout: # ipv6_fragment_timeout: # scim_server_cert: # scim_http_port: # auth_session_auto_backup: # scim_https_port: # httpd_max_worker_count: # rest_api_key_url_query: # single_vdom_npuvlink: # slbc_fragment_mem_thresholds: # upgrade_report: # application_bandwidth_tracking: # fortitoken_cloud_region: # black_box_interval: # black_box: # tls_session_cache: # wad_p2s_max_body_size: # telemetry_controller: # telemetry_data_port: # user_device_store_max_device_mem: # sslvpn_affinity: # admin_timeout: # username_case_sensitivity: # proxy_auth_machine_timeout: # fin_wait_timeout: # udp_stream_timeout: # license_overlimit: # tcp_random_source_port: # close_wait_timeout: # img_cache_mode: # max_session_per_user: # update_tls_finger_print: # kernel_panic_debug: # syn_recv_timeout: # resigned_pkey_period: # kernel_panic_timeout: # v_tpm: # time_wait_timeout: # established_timeout: # syn_sent_timeout: # last_ack_timeout: # max_img_cache_size: # http_view: # conntrack: # kernel_panic_on_warn: # crwl_log: # udp_timeout: # geoip_full_db: # fortiguard_audit_result_submission: # ldap_server_algorithm: # router_affinity: # ipv6_snat_route_change: # web_svc_auto_restart_time_threshold: # web_svc_auto_restart_mem_threshold: # web_svc_auto_restart: # log_daemon_cpu_threshold: # wad_worker_dev_cache: Return Values ------------- Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module: .. raw:: html
  • meta - The result of the request.returned: always type: dict
    • request_url - The full url requested. returned: always type: str sample: /sys/login/user
    • response_code - The status of api request. returned: always type: int sample: 0
    • response_data - The data body of the api response. returned: optional type: list or dict
    • response_message - The descriptive message of the api response. returned: always type: str sample: OK
    • system_information - The information of the target system. returned: always type: dict
  • rc - The status the request. returned: always type: int sample: 0
  • version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter not supported by the current FortiManager version type: list
Status ------ - This module is not guaranteed to have a backwards compatible interface. Authors ------- - Xinwei Du (@dux-fortinet) - Xing Li (@lix-fortinet) - Jie Xue (@JieX19) - Link Zheng (@chillancezen) - Frank Shen (@fshen01) - Hongbin Lu (@fgtdev-hblu)