fortios_config - Manage config on Fortinet FortiOS firewall devices

New in version 2.3.

Synopsis

Parameters

Parameter Choices/Defaults Comments
backup
bool
    Choices:
  • no ←
  • yes
This argument will cause the module to create a backup of the current running-config from the remote device before any changes are made. The backup file is written to the i(backup) folder.
backup_filename
Specifies the backup filename. If omitted filename will be formatted like [email protected]:MM:SS
backup_path
Specifies where to store backup files. Required if backup=yes.
config_file
(added in 2.4)
Path to configuration file. Required when file_mode is True.
file_mode
bool

(added in 2.4)
    Choices:
  • no ←
  • yes
Don't connect to any device, only use config_file as input and Output.
filter Default:
Only for partial backup, you can restrict by giving expected configuration path (ex. firewall address).
host
Specifies the DNS hostname or IP address for connecting to the remote fortios device. Required when file_mode is False.
password
Specifies the password used to authenticate to the remote device. Required when file_mode is True.
src
The src argument provides a path to the configuration template to load into the remote device.
timeout Default:
60
Timeout in seconds for connecting to the remote device.
username
Configures the username used to authenticate to the remote device. Required when file_mode is True.
vdom
Specifies on which vdom to apply configuration

Notes

Note

  • This module requires pyFG python library

Examples

- name: Backup current config
  fortios_config:
    host: 192.168.0.254
    username: admin
    password: password
    backup: yes

- name: Backup only address objects
  fortios_config:
    host: 192.168.0.254
    username: admin
    password: password
    backup: yes
    backup_path: /tmp/forti_backup/
    filter: "firewall address"

- name: Update configuration from file
  fortios_config:
    host: 192.168.0.254
    username: admin
    password: password
    src: new_configuration.conf.j2

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
change_string
string
only if config changed
The commands really executed by the module

running_config
string
always
full config string



Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance

This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Community, see here.

Author

  • Benjamin Jolivot (@bjolivot)

Hint

If you notice any issues in this documentation you can edit this document to improve it.