endpoint_protection_profiles - Protection Profile Resource

Added in version 1.0.0.

Synopsis

Protection Profile Resource.

Use API “/resource-api/v2/endpoint/protection-profiles/{primaryKey}”.

Requirements

The below requirements are needed on the host that executes this module.

  • ansible>=2.17.0

Parameters

  • state The state of the module. "present" means update the resource. This resource can't be deleted, and does not support "absent" state.type: strchoices: ['present', 'absent']default: present
  • force_behavior Specify this option to force the method to use to interact with the resource.type: strchoices: ['none', 'read', 'create', 'update', 'delete']default: none
  • bypass_validation Bypass validation of the module.type: booldefault: False
  • params The parameters of the module.[Required]type: dict
    • primary_key [Required]type: str
    • antivirus type: strchoices: ['disable', 'enable']
    • antiransomware type: strchoices: ['disable', 'enable']
    • event_based_scanning type: strchoices: ['disable', 'enable']
    • vulnerability_scan type: strchoices: ['disable', 'enable']
    • automatically_patch_vulnerabilities type: strchoices: ['disable', 'enable']
    • automatic_vulnerability_patch_level type: strchoices: ['critical', 'high', 'low', 'medium']
    • notify_endpoint_of_blocks type: strchoices: ['disable', 'enable']
    • default_action type: strchoices: ['allow', 'block', 'monitor']
    • rules type: listelements: dict
      • action type: strchoices: ['allow', 'block', 'monitor']
      • type type: strchoices: ['regex', 'simple']
      • description type: str
      • class type: strchoices: ['Bluetooth', 'CDROM', 'Camera', 'HID', 'SmartCardReader', 'USBDevice', 'WPD']
      • manufacturer type: str
      • vendor_id type: str
      • product_id type: str
      • revision type: str
    • exclusions type: dict
      • files type: listelements: str
      • folders type: listelements: str
    • protected_folders_path type: listelements: str
    • scheduled_scan type: dict
      • time type: str
      • repeat type: strchoices: ['daily', 'monthly', 'weekly']
      • day type: int

Examples

- name: Update protection profile
  hosts: fortisase
  gather_facts: false
  vars:
    primary_key: "policy1"
  tasks:
    - name: Create a new endpoint profile, do nothing if the endpoint profile already exists
      fortinet.fortisase.endpoint_policies:
        state: present
        params:
          primary_key: "{{ primary_key }}"
          enabled: true
    - name: Update protection profile
      fortinet.fortisase.endpoint_protection_profiles:
        params:
          primary_key: "{{ primary_key }}"
          antiransomware: "disable"
          antivirus: "enable"
          automatically_patch_vulnerabilities: "disable"
          default_action: "allow"
          event_based_scanning: "enable"
          notify_endpoint_of_blocks: "enable"
          rules: []
          scheduled_scan:
            day: 1
            repeat: "weekly"
            time: "00:00"
          vulnerability_scan: "enable"

Return Values

  • http_code type: intreturned: always
  • response type: rawreturned: always

Authors

  • Xinwei Du (@dux-fortinet)