security_application_control_profile - Application Control Profile Resource
Added in version 1.0.0.
Synopsis
Application Control Profile Resource.
Use API “/resource-api/v2/security/application-control-profile/{direction}/{primaryKey}”.
Requirements
The below requirements are needed on the host that executes this module.
ansible>=2.17.0
Parameters
- state The state of the module. "present" means update the resource. This resource can't be deleted, and does not support "absent" state.type: strchoices: ['present', 'absent']default: present
- force_behavior Specify this option to force the method to use to interact with the resource.type: strchoices: ['none', 'read', 'create', 'update', 'delete']default: none
- bypass_validation Bypass validation of the module.type: booldefault: False
- params The parameters of the module.[Required]type: dict
- direction [Required]type: str
- primary_key [Required]type: str
- application_category_controls type: listelements: dict
- action type: strchoices: ['allow', 'block', 'monitor']
- category type: dict
- primary_key type: str
- datasource type: str
- application_controls type: listelements: dict
- action type: strchoices: ['allow', 'block', 'monitor']
- applications type: listelements: dict
- primary_key type: str
- datasource type: str
- unknown_application_action type: strchoices: ['allow', 'block', 'monitor']
- network_protocol_enforcement type: strchoices: ['disable', 'enable']
- network_protocols type: listelements: dict
- port type: int
- action type: strchoices: ['block', 'monitor', 'pass']
- services type: listelements: str
- block_non_default_port_applications type: strchoices: ['disable', 'enable']
Examples
# To configure this resource, please disable SWG Configuration.
- name: Update security application control profile
hosts: fortisase
gather_facts: false
vars:
direction: "outbound-profiles" # outbound-profiles or internal-profiles
profile_group: "profile_ansible"
tasks:
- name: Ensure security group exists, otherwise create it
fortinet.fortisase.security_profile_group:
params:
direction: "{{ direction }}"
primary_key: "{{ profile_group }}"
- name: Update security application control profile
fortinet.fortisase.security_application_control_profile:
params:
direction: "{{ direction }}"
primary_key: "{{ profile_group }}"
application_controls: []
block_non_default_port_applications: "disable"
network_protocol_enforcement: "disable"
network_protocols: []
unknown_application_action: "monitor"
application_category_controls:
- action: allow
category:
datasource: security/application-categories
primary_key: P2P
- action: allow
category:
datasource: security/application-categories
primary_key: VoIP
- action: allow
category:
datasource: security/application-categories
primary_key: Video/Audio
- action: allow
category:
datasource: security/application-categories
primary_key: Proxy
- action: allow
category:
datasource: security/application-categories
primary_key: Remote.Access
- action: allow
category:
datasource: security/application-categories
primary_key: Game
- action: allow
category:
datasource: security/application-categories
primary_key: General.Interest
- action: allow
category:
datasource: security/application-categories
primary_key: Network.Service
- action: allow
category:
datasource: security/application-categories
primary_key: Update
- action: allow
category:
datasource: security/application-categories
primary_key: Email
- action: allow
category:
datasource: security/application-categories
primary_key: Storage.Backup
- action: allow
category:
datasource: security/application-categories
primary_key: Social.Media
- action: allow
category:
datasource: security/application-categories
primary_key: Web.Client
- action: allow
category:
datasource: security/application-categories
primary_key: Industrial
- action: allow
category:
datasource: security/application-categories
primary_key: Collaboration
- action: allow
category:
datasource: security/application-categories
primary_key: Business
- action: allow
category:
datasource: security/application-categories
primary_key: Cloud.IT
- action: allow
category:
datasource: security/application-categories
primary_key: Mobile
- action: allow
category:
datasource: security/application-categories
primary_key: Unknown Applications
- action: allow
category:
datasource: security/application-categories
primary_key: GenAI
Return Values
- http_code type: intreturned: always
- response type: rawreturned: always