security_ips_profile - IPS Profile Resource

Added in version 1.0.0.

Synopsis

IPS Profile Resource.

Use API “/resource-api/v2/security/ips-profile/{direction}/{primaryKey}”.

Requirements

The below requirements are needed on the host that executes this module.

  • ansible>=2.17.0

Parameters

  • state The state of the module. "present" means update the resource. This resource can't be deleted, and does not support "absent" state.type: strchoices: ['present', 'absent']default: present
  • force_behavior Specify this option to force the method to use to interact with the resource.type: strchoices: ['none', 'read', 'create', 'update', 'delete']default: none
  • bypass_validation Bypass validation of the module.type: booldefault: False
  • params The parameters of the module.[Required]type: dict
    • direction [Required]type: str
    • primary_key [Required]type: str
    • profile_type type: strchoices: ['critical', 'custom', 'monitor', 'recommended']
    • custom_rule_groups type: listelements: dict
      • action type: strchoices: ['allow', 'block', 'monitor']
      • signatures type: listelements: dict
        • primary_key type: str
        • datasource type: str
    • is_blocking_malicious_url type: bool
    • botnet_scanning type: strchoices: ['block', 'disable', 'monitor']
    • is_extended_log_enabled type: bool
    • comment type: str
    • entries type: listelements: dict
      • rule type: listelements: dict
        • primary_key type: str
        • datasource type: strchoices: ['security/ips-custom-signatures', 'security/ips-rule']
      • location type: str
      • severity type: str
      • protocol type: str
      • os type: str
      • application type: str
      • cve type: listelements: str
      • status type: strchoices: ['default', 'disable', 'enable']
      • log type: strchoices: ['disable', 'enable']
      • log_packet type: strchoices: ['disable', 'enable']
      • log_attack_context type: str
      • action type: strchoices: ['block', 'default', 'pass']
      • vuln_type type: listelements: dict
        • id type: int
      • quarantine type: str
      • exempt_ip type: listelements: dict
        • id type: int
        • src_ip type: str
        • dst_ip type: str
      • default_action type: strchoices: ['all', 'block', 'pass']
      • default_status type: strchoices: ['all', 'disable', 'enable']

Examples

- name: Update security ips profile
  hosts: fortisase
  gather_facts: false
  vars:
    direction: "outbound-profiles" # outbound-profiles or internal-profiles
    profile_group: "profile_ansible"
  tasks:
    - name: Ensure security group exists, otherwise create it
      fortinet.fortisase.security_profile_group:
        params:
          direction: "{{ direction }}"
          primary_key: "{{ profile_group }}"
    - name: Update security ips profile
      fortinet.fortisase.security_ips_profile:
        params:
          direction: "{{ direction }}"
          primary_key: "{{ profile_group }}"
          botnet_scanning: "block"
          comment: "Recommended"
          custom_rule_groups: []
          entries:
            - action: "default"
              application: "all"
              cve: []
              default_action: "all"
              default_status: "all"
              exempt_ip: []
              location: "all"
              log: "enable"
              log_attack_context: "disable"
              log_packet: "disable"
              os: "all"
              protocol: "all"
              quarantine: "none"
              rule: []
              severity: "all"
              status: "default"
              vuln_type: []
          is_blocking_malicious_url: false
          is_extended_log_enabled: false
          profile_type: "recommended"

Return Values

  • http_code type: intreturned: always
  • response type: rawreturned: always

Authors

  • Xinwei Du (@dux-fortinet)