endpoint_sandbox_profiles - Sandbox Profile Resource

Added in version 1.0.0.

Synopsis

Sandbox Profile Resource.

Use API “/resource-api/v2/endpoint/sandbox-profiles/{primaryKey}”.

Requirements

The below requirements are needed on the host that executes this module.

  • ansible>=2.17.0

Parameters

  • state The state of the module. "present" means update the resource. This resource can't be deleted, and does not support "absent" state.type: strchoices: ['present', 'absent']default: present
  • force_behavior Specify this option to force the method to use to interact with the resource.type: strchoices: ['none', 'read', 'create', 'update', 'delete']default: none
  • bypass_validation Bypass validation of the module.type: booldefault: False
  • params The parameters of the module.[Required]type: dict
    • primary_key [Required]type: str
    • sandbox_mode type: strchoices: ['Disabled', 'FortiSASE', 'StandaloneFortiSandbox']
    • notification_type Integer representing how notifications should be handled on FortiSandbox file submission. 0 - display notification balloon when malware is detected in a submission. 1 - display a popup for all file submissions.type: rawchoices: ['0', '1']
    • timeout_awaiting_sandbox_results type: int
    • file_submission_options type: dict
      • all_email_downloads type: strchoices: ['disable', 'enable']
      • all_files_mapped_network_drives type: strchoices: ['disable', 'enable']
      • all_files_removable_media type: strchoices: ['disable', 'enable']
      • all_web_downloads type: strchoices: ['disable', 'enable']
    • detection_verdict_level type: strchoices: ['Clean', 'High', 'Low', 'Malicious', 'Medium']
    • exceptions type: dict
      • exclude_files_from_trusted_sources type: strchoices: ['disable', 'enable']
      • files type: listelements: str
      • folders type: listelements: str
    • remediation_actions type: strchoices: ['alert', 'quarantine']
    • host_name type: str
    • authentication type: bool
    • username type: str
    • password type: str

Examples

- name: Update sandbox profile
  hosts: fortisase
  gather_facts: false
  vars:
    primary_key: "policy1"
  tasks:
    - name: Create a new endpoint profile, do nothing if the endpoint profile already exists
      fortinet.fortisase.endpoint_policies:
        state: present
        params:
          primary_key: "{{ primary_key }}"
          enabled: true
    - name: Update sandbox profile
      fortinet.fortisase.endpoint_sandbox_profiles:
        params:
          primary_key: "{{ primary_key }}"
          sandbox_mode: "FortiSASE"  # Disabled, FortiSASE, StandaloneFortiSandbox
          detection_verdict_level: "Medium"
          exceptions:
            exclude_files_from_trusted_sources: "disable"
            files: []
            folders: []
          file_submission_options:
            all_email_downloads: "enable"
            all_files_mapped_network_drives: "enable"
            all_files_removable_media: "enable"
            all_web_downloads: "enable"
          remediation_actions: "quarantine"
          timeout_awaiting_sandbox_results: 0

Return Values

  • http_code type: intreturned: always
  • response type: rawreturned: always

Authors

  • Xinwei Du (@dux-fortinet)