Why Gemfury?
Push, build, and install
RubyGems
npm packages
Python packages
Maven artifacts
PHP packages
Go Modules
Debian packages
RPM packages
NuGet packages
duality-group / ansible python
Repository URL to install this package:
|
Version:
6.0.0 ▾
|
#!/usr/bin/python
from __future__ import absolute_import, division, print_function
# Copyright 2019-2021 Fortinet, Inc.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
__metaclass__ = type
ANSIBLE_METADATA = {'status': ['preview'],
'supported_by': 'community',
'metadata_version': '1.1'}
DOCUMENTATION = '''
---
module: fmgr_firewall_vip_dynamicmapping
short_description: Configure virtual IP for IPv4.
description:
- This module is able to configure a FortiManager device.
- Examples include all parameters and values which need to be adjusted to data sources before usage.
version_added: "2.10"
author:
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Frank Shen (@fshen01)
- Hongbin Lu (@fgtdev-hblu)
notes:
- Running in workspace locking mode is supported in this FortiManager module, the top
level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
- To create or update an object, use state present directive.
- To delete an object, use state absent directive.
- Normally, running one module can fail when a non-zero rc is returned. you can also override
the conditions to fail or succeed with parameters rc_failed and rc_succeeded
options:
enable_log:
description: Enable/Disable logging for task
required: false
type: bool
default: false
proposed_method:
description: The overridden method for the underlying Json RPC request
required: false
type: str
choices:
- update
- set
- add
bypass_validation:
description: only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters
required: false
type: bool
default: false
workspace_locking_adom:
description: the adom to lock for FortiManager running in workspace mode, the value can be global and others including root
required: false
type: str
workspace_locking_timeout:
description: the maximum time in seconds to wait for other user to release the workspace lock
required: false
type: int
default: 300
state:
description: the directive to create, update or delete an object
type: str
required: true
choices:
- present
- absent
rc_succeeded:
description: the rc codes list with which the conditions to succeed will be overriden
type: list
required: false
rc_failed:
description: the rc codes list with which the conditions to fail will be overriden
type: list
required: false
adom:
description: the parameter (adom) in requested url
type: str
required: true
vip:
description: the parameter (vip) in requested url
type: str
required: true
firewall_vip_dynamicmapping:
description: the top level parameters set
required: false
type: dict
suboptions:
_scope:
description: no description
type: list
suboptions:
name:
type: str
description: 'Name.'
vdom:
type: str
description: 'Vdom.'
arp-reply:
type: str
description: 'Enable to respond to ARP requests for this virtual IP address. Enabled by default.'
choices:
- 'disable'
- 'enable'
color:
type: int
description: 'Color of icon on the GUI.'
comment:
type: str
description: 'Comment.'
dns-mapping-ttl:
type: int
description: 'DNS mapping TTL (Set to zero to use TTL in DNS response, default = 0).'
extaddr:
type: str
description: 'External FQDN address name.'
extintf:
type: str
description: 'Interface connected to the source network that receives the packets that will be forwarded to the destination network.'
extip:
type: str
description: 'IP address or address range on the external interface that you want to map to an address or address range on the destination n...'
extport:
type: str
description: 'Incoming port number range that you want to map to a port number range on the destination network.'
gratuitous-arp-interval:
type: int
description: 'Enable to have the VIP send gratuitous ARPs. 0=disabled. Set from 5 up to 8640000 seconds to enable.'
http-cookie-age:
type: int
description: 'Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.'
http-cookie-domain:
type: str
description: 'Domain that HTTP cookie persistence should apply to.'
http-cookie-domain-from-host:
type: str
description: 'Enable/disable use of HTTP cookie domain from host field in HTTP.'
choices:
- 'disable'
- 'enable'
http-cookie-generation:
type: int
description: 'Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.'
http-cookie-path:
type: str
description: 'Limit HTTP cookie persistence to the specified path.'
http-cookie-share:
type: str
description: 'Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disa...'
choices:
- 'disable'
- 'same-ip'
http-ip-header:
type: str
description: 'For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header.'
choices:
- 'disable'
- 'enable'
http-ip-header-name:
type: str
description: 'For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-F...'
http-multiplex:
type: str
description: 'Enable/disable HTTP multiplexing.'
choices:
- 'disable'
- 'enable'
https-cookie-secure:
type: str
description: 'Enable/disable verification that inserted HTTPS cookies are secure.'
choices:
- 'disable'
- 'enable'
id:
type: int
description: 'Custom defined ID.'
ldb-method:
type: str
description: 'Method used to distribute sessions to real servers.'
choices:
- 'static'
- 'round-robin'
- 'weighted'
- 'least-session'
- 'least-rtt'
- 'first-alive'
- 'http-host'
mapped-addr:
type: str
description: 'Mapped FQDN address name.'
mappedip:
description: no description
type: str
mappedport:
type: str
description: 'Port number range on the destination network to which the external port number range is mapped.'
max-embryonic-connections:
type: int
description: 'Maximum number of incomplete connections.'
monitor:
description: no description
type: str
nat-source-vip:
type: str
description: 'Enable/disable forcing the source NAT mapped IP to the external IP for all traffic.'
choices:
- 'disable'
- 'enable'
outlook-web-access:
type: str
description: 'Enable to add the Front-End-Https header for Microsoft Outlook Web Access.'
choices:
- 'disable'
- 'enable'
persistence:
type: str
description: 'Configure how to make sure that clients connect to the same server every time they make a request that is part of the same ses...'
choices:
- 'none'
- 'http-cookie'
- 'ssl-session-id'
portforward:
type: str
description: 'Enable/disable port forwarding.'
choices:
- 'disable'
- 'enable'
portmapping-type:
type: str
description: 'Port mapping type.'
choices:
- '1-to-1'
- 'm-to-n'
protocol:
type: str
description: 'Protocol to use when forwarding packets.'
choices:
- 'tcp'
- 'udp'
- 'sctp'
- 'icmp'
realservers:
description: no description
type: list
suboptions:
client-ip:
description: no description
type: str
healthcheck:
type: str
description: 'Enable to check the responsiveness of the real server before forwarding traffic.'
choices:
- 'disable'
- 'enable'
- 'vip'
holddown-interval:
type: int
description: 'Time in seconds that the health check monitor continues to monitor and unresponsive server that should be active.'
http-host:
type: str
description: 'HTTP server domain name in HTTP header.'
ip:
type: str
description: 'IP address of the real server.'
max-connections:
type: int
description: 'Max number of active connections that can be directed to the real server. When reached, sessions are sent to other rea...'
monitor:
type: str
description: 'Name of the health check monitor to use when polling to determine a virtual servers connectivity status.'
port:
type: int
description: 'Port for communicating with the real server. Required if port forwarding is enabled.'
seq:
type: int
description: 'Seq.'
status:
type: str
description: 'Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is ...'
choices:
- 'active'
- 'standby'
- 'disable'
weight:
type: int
description: 'Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connect...'
address:
type: str
description: 'Address.'
id:
type: int
description: 'Real server ID.'
type:
type: str
description: 'Type.'
choices:
- 'ip'
- 'address'
server-type:
type: str
description: 'Protocol to be load balanced by the virtual server (also called the server load balance virtual IP).'
choices:
- 'http'
- 'https'
- 'ssl'
- 'tcp'
- 'udp'
- 'ip'
- 'imaps'
- 'pop3s'
- 'smtps'
- 'ssh'
service:
type: str
description: 'Service name.'
src-filter:
description: no description
type: str
srcintf-filter:
description: no description
type: str
ssl-algorithm:
type: str
description: 'Permitted encryption algorithms for SSL sessions according to encryption strength.'
choices:
- 'high'
- 'medium'
- 'low'
- 'custom'
ssl-certificate:
type: str
description: 'The name of the SSL certificate to use for SSL acceleration.'
ssl-cipher-suites:
description: no description
type: list
suboptions:
cipher:
type: str
description: 'Cipher suite name.'
choices:
- 'TLS-RSA-WITH-RC4-128-MD5'
- 'TLS-RSA-WITH-RC4-128-SHA'
- 'TLS-RSA-WITH-DES-CBC-SHA'
- 'TLS-RSA-WITH-3DES-EDE-CBC-SHA'
- 'TLS-RSA-WITH-AES-128-CBC-SHA'
- 'TLS-RSA-WITH-AES-256-CBC-SHA'
- 'TLS-RSA-WITH-AES-128-CBC-SHA256'
- 'TLS-RSA-WITH-AES-256-CBC-SHA256'
- 'TLS-RSA-WITH-CAMELLIA-128-CBC-SHA'
- 'TLS-RSA-WITH-CAMELLIA-256-CBC-SHA'
- 'TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256'
- 'TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256'
- 'TLS-RSA-WITH-SEED-CBC-SHA'
- 'TLS-RSA-WITH-ARIA-128-CBC-SHA256'
- 'TLS-RSA-WITH-ARIA-256-CBC-SHA384'
- 'TLS-DHE-RSA-WITH-DES-CBC-SHA'
- 'TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA'
- 'TLS-DHE-RSA-WITH-AES-128-CBC-SHA'
- 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
- 'TLS-DHE-RSA-WITH-AES-128-CBC-SHA256'
- 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA256'
- 'TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA'
- 'TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA'
- 'TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256'
- 'TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256'
- 'TLS-DHE-RSA-WITH-SEED-CBC-SHA'
- 'TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256'
- 'TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384'
- 'TLS-ECDHE-RSA-WITH-RC4-128-SHA'
- 'TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA'
- 'TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA'
- 'TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA'
- 'TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256'
- 'TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256'
- 'TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256'
- 'TLS-DHE-RSA-WITH-AES-128-GCM-SHA256'
- 'TLS-DHE-RSA-WITH-AES-256-GCM-SHA384'
- 'TLS-DHE-DSS-WITH-AES-128-CBC-SHA'
- 'TLS-DHE-DSS-WITH-AES-256-CBC-SHA'
- 'TLS-DHE-DSS-WITH-AES-128-CBC-SHA256'
- 'TLS-DHE-DSS-WITH-AES-128-GCM-SHA256'
- 'TLS-DHE-DSS-WITH-AES-256-CBC-SHA256'
- 'TLS-DHE-DSS-WITH-AES-256-GCM-SHA384'
- 'TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256'
- 'TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256'
- 'TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384'
- 'TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384'
- 'TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA'
- 'TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256'
- 'TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256'
- 'TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384'
- 'TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384'
- 'TLS-RSA-WITH-AES-128-GCM-SHA256'
- 'TLS-RSA-WITH-AES-256-GCM-SHA384'
- 'TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA'
- 'TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA'
- 'TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256'
- 'TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256'
- 'TLS-DHE-DSS-WITH-SEED-CBC-SHA'
- 'TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256'
- 'TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384'
- 'TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256'
- 'TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384'
- 'TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256'
- 'TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384'
- 'TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA'
- 'TLS-DHE-DSS-WITH-DES-CBC-SHA'
- 'TLS-AES-128-GCM-SHA256'
- 'TLS-AES-256-GCM-SHA384'
- 'TLS-CHACHA20-POLY1305-SHA256'
id:
type: int
description: 'Id.'
versions:
description: no description
type: list
choices:
- ssl-3.0
- tls-1.0
- tls-1.1
- tls-1.2
- tls-1.3
priority:
type: int
description: 'SSL/TLS cipher suites priority.'
ssl-client-fallback:
type: str
description: 'Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507).'
choices:
- 'disable'
- 'enable'
ssl-client-renegotiation:
type: str
description: 'Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746.'
choices:
- 'deny'
- 'allow'
- 'secure'
ssl-client-session-state-max:
type: int
description: 'Maximum number of client to FortiGate SSL session states to keep.'
ssl-client-session-state-timeout:
type: int
description: 'Number of minutes to keep client to FortiGate SSL session state.'
ssl-client-session-state-type:
type: str
description: 'How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate.'
choices:
- 'disable'
- 'time'
- 'count'
- 'both'
ssl-dh-bits:
type: str
description: 'Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions.'
choices:
- '768'
- '1024'
- '1536'
- '2048'
- '3072'
- '4096'
ssl-hpkp:
type: str
description: 'Enable/disable including HPKP header in response.'
choices:
- 'disable'
- 'enable'
- 'report-only'
ssl-hpkp-age:
type: int
description: 'Number of seconds the client should honour the HPKP setting.'
ssl-hpkp-backup:
type: str
description: 'Certificate to generate backup HPKP pin from.'
ssl-hpkp-include-subdomains:
type: str
description: 'Indicate that HPKP header applies to all subdomains.'
choices:
- 'disable'
- 'enable'
ssl-hpkp-primary:
type: str
description: 'Certificate to generate primary HPKP pin from.'
ssl-hpkp-report-uri:
type: str
description: 'URL to report HPKP violations to.'
ssl-hsts:
type: str
description: 'Enable/disable including HSTS header in response.'
choices:
- 'disable'
- 'enable'
ssl-hsts-age:
type: int
description: 'Number of seconds the client should honour the HSTS setting.'
ssl-hsts-include-subdomains:
type: str
description: 'Indicate that HSTS header applies to all subdomains.'
choices:
- 'disable'
- 'enable'
ssl-http-location-conversion:
type: str
description: 'Enable to replace HTTP with HTTPS in the replys Location HTTP header field.'
choices:
- 'disable'
- 'enable'
ssl-http-match-host:
type: str
description: 'Enable/disable HTTP host matching for location conversion.'
choices:
- 'disable'
- 'enable'
ssl-max-version:
type: str
description: 'Highest SSL/TLS version acceptable from a client.'
choices:
- 'ssl-3.0'
- 'tls-1.0'
- 'tls-1.1'
- 'tls-1.2'
- 'tls-1.3'
ssl-min-version:
type: str
description: 'Lowest SSL/TLS version acceptable from a client.'
choices:
- 'ssl-3.0'
- 'tls-1.0'
- 'tls-1.1'
- 'tls-1.2'
- 'tls-1.3'
ssl-mode:
type: str
description: 'Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to...'
choices:
- 'half'
- 'full'
ssl-pfs:
type: str
description: 'Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions.'
choices:
- 'require'
- 'deny'
- 'allow'
ssl-send-empty-frags:
type: str
description: 'Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibi...'
choices:
- 'disable'
- 'enable'
ssl-server-algorithm:
type: str
description: 'Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength.'
choices:
- 'high'
- 'low'
- 'medium'
- 'custom'
- 'client'
ssl-server-max-version:
type: str
description: 'Highest SSL/TLS version acceptable from a server. Use the client setting by default.'
choices:
- 'ssl-3.0'
- 'tls-1.0'
- 'tls-1.1'
- 'tls-1.2'
- 'client'
- 'tls-1.3'
ssl-server-min-version:
type: str
description: 'Lowest SSL/TLS version acceptable from a server. Use the client setting by default.'
choices:
- 'ssl-3.0'
- 'tls-1.0'
- 'tls-1.1'
- 'tls-1.2'
- 'client'
- 'tls-1.3'
ssl-server-session-state-max:
type: int
description: 'Maximum number of FortiGate to Server SSL session states to keep.'
ssl-server-session-state-timeout:
type: int
description: 'Number of minutes to keep FortiGate to Server SSL session state.'
ssl-server-session-state-type:
type: str
description: 'How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate.'
choices:
- 'disable'
- 'time'
- 'count'
- 'both'
type:
type: str
description: 'Configure a static NAT, load balance, server load balance, DNS translation, or FQDN VIP.'
choices:
- 'static-nat'
- 'load-balance'
- 'server-load-balance'
- 'dns-translation'
- 'fqdn'
- 'access-proxy'
uuid:
type: str
description: 'Universally Unique Identifier (UUID; automatically assigned but can be manually reset).'
weblogic-server:
type: str
description: 'Enable to add an HTTP header to indicate SSL offloading for a WebLogic server.'
choices:
- 'disable'
- 'enable'
websphere-server:
type: str
description: 'Enable to add an HTTP header to indicate SSL offloading for a WebSphere server.'
choices:
- 'disable'
- 'enable'
http-redirect:
type: str
description: 'Enable/disable redirection of HTTP to HTTPS'
choices:
- 'disable'
- 'enable'
ssl-client-rekey-count:
type: int
description: 'Maximum length of data in MB before triggering a client rekey (0 = disable).'
status:
type: str
description: 'Enable/disable VIP.'
choices:
- 'disable'
- 'enable'
'''
EXAMPLES = '''
- hosts: fortimanager00
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure dynamic mappings of virtual IP for IPv4
fmgr_firewall_vip_dynamicmapping:
bypass_validation: False
adom: ansible
vip: 'ansible-test-vip' # name
state: present
firewall_vip_dynamicmapping:
_scope: # Required
-
name: FGT_AWS # need a valid device name
vdom: root # need a valid vdom name under the device
arp-reply: enable
color: 2
comment: 'ansible-comment'
id: 1
- name: gathering fortimanager facts
hosts: fortimanager00
gather_facts: no
connection: httpapi
collections:
- fortinet.fortimanager
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: retrieve all the dynamic mappings of virtual IP for IPv4
fmgr_fact:
facts:
selector: 'firewall_vip_dynamicmapping'
params:
adom: 'ansible'
vip: 'ansible-test-vip' # name
dynamic_mapping: ''
'''
RETURN = '''
request_url:
description: The full url requested
returned: always
type: str
sample: /sys/login/user
response_code:
description: The status of api request
returned: always
type: int
sample: 0
response_message:
description: The descriptive message of the api response
type: str
returned: always
sample: OK.
'''
from ansible.module_utils.basic import AnsibleModule
from ansible.module_utils.connection import Connection
from ansible_collections.fortinet.fortimanager.plugins.module_utils.napi import NAPIManager
from ansible_collections.fortinet.fortimanager.plugins.module_utils.napi import check_galaxy_version
from ansible_collections.fortinet.fortimanager.plugins.module_utils.napi import check_parameter_bypass
def main():
jrpc_urls = [
'/pm/config/adom/{adom}/obj/firewall/vip/{vip}/dynamic_mapping',
'/pm/config/global/obj/firewall/vip/{vip}/dynamic_mapping'
]
perobject_jrpc_urls = [
'/pm/config/adom/{adom}/obj/firewall/vip/{vip}/dynamic_mapping/{dynamic_mapping}',
'/pm/config/global/obj/firewall/vip/{vip}/dynamic_mapping/{dynamic_mapping}'
]
url_params = ['adom', 'vip']
module_primary_key = 'complex:{{module}}["_scope"][0]["name"]+"/"+{{module}}["_scope"][0]["vdom"]'
module_arg_spec = {
'enable_log': {
'type': 'bool',
'required': False,
'default': False
},
'forticloud_access_token': {
'type': 'str',
'required': False,
'no_log': True
},
'proposed_method': {
'type': 'str',
'required': False,
'choices': [
'set',
'update',
'add'
]
},
'bypass_validation': {
'type': 'bool',
'required': False,
'default': False
},
'workspace_locking_adom': {
'type': 'str',
'required': False
},
'workspace_locking_timeout': {
'type': 'int',
'required': False,
'default': 300
},
'rc_succeeded': {
'required': False,
'type': 'list'
},
'rc_failed': {
'required': False,
'type': 'list'
},
'state': {
'type': 'str',
'required': True,
'choices': [
'present',
'absent'
]
},
'adom': {
'required': True,
'type': 'str'
},
'vip': {
'required': True,
'type': 'str'
},
'firewall_vip_dynamicmapping': {
'required': False,
'type': 'dict',
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'options': {
'_scope': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'options': {
'name': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'vdom': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
}
}
},
'arp-reply': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'color': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'comment': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'dns-mapping-ttl': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'extaddr': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'extintf': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'extip': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'extport': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'gratuitous-arp-interval': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'http-cookie-age': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'http-cookie-domain': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'http-cookie-domain-from-host': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'http-cookie-generation': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'http-cookie-path': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'http-cookie-share': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'same-ip'
],
'type': 'str'
},
'http-ip-header': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'http-ip-header-name': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'http-multiplex': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'https-cookie-secure': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'id': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'ldb-method': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'static',
'round-robin',
'weighted',
'least-session',
'least-rtt',
'first-alive',
'http-host'
],
'type': 'str'
},
'mapped-addr': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'mappedip': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'mappedport': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'max-embryonic-connections': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'monitor': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'nat-source-vip': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'outlook-web-access': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'persistence': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'none',
'http-cookie',
'ssl-session-id'
],
'type': 'str'
},
'portforward': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'portmapping-type': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'1-to-1',
'm-to-n'
],
'type': 'str'
},
'protocol': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'tcp',
'udp',
'sctp',
'icmp'
],
'type': 'str'
},
'realservers': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'options': {
'client-ip': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'healthcheck': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable',
'vip'
],
'type': 'str'
},
'holddown-interval': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'http-host': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'ip': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'max-connections': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'monitor': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'port': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'seq': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'status': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'active',
'standby',
'disable'
],
'type': 'str'
},
'weight': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'address': {
'required': False,
'revision': {
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'id': {
'required': False,
'revision': {
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'type': {
'required': False,
'revision': {
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'ip',
'address'
],
'type': 'str'
}
}
},
'server-type': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'http',
'https',
'ssl',
'tcp',
'udp',
'ip',
'imaps',
'pop3s',
'smtps',
'ssh'
],
'type': 'str'
},
'service': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'src-filter': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'srcintf-filter': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'ssl-algorithm': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'high',
'medium',
'low',
'custom'
],
'type': 'str'
},
'ssl-certificate': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'ssl-cipher-suites': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'options': {
'cipher': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'TLS-RSA-WITH-RC4-128-MD5',
'TLS-RSA-WITH-RC4-128-SHA',
'TLS-RSA-WITH-DES-CBC-SHA',
'TLS-RSA-WITH-3DES-EDE-CBC-SHA',
'TLS-RSA-WITH-AES-128-CBC-SHA',
'TLS-RSA-WITH-AES-256-CBC-SHA',
'TLS-RSA-WITH-AES-128-CBC-SHA256',
'TLS-RSA-WITH-AES-256-CBC-SHA256',
'TLS-RSA-WITH-CAMELLIA-128-CBC-SHA',
'TLS-RSA-WITH-CAMELLIA-256-CBC-SHA',
'TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256',
'TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256',
'TLS-RSA-WITH-SEED-CBC-SHA',
'TLS-RSA-WITH-ARIA-128-CBC-SHA256',
'TLS-RSA-WITH-ARIA-256-CBC-SHA384',
'TLS-DHE-RSA-WITH-DES-CBC-SHA',
'TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA',
'TLS-DHE-RSA-WITH-AES-128-CBC-SHA',
'TLS-DHE-RSA-WITH-AES-256-CBC-SHA',
'TLS-DHE-RSA-WITH-AES-128-CBC-SHA256',
'TLS-DHE-RSA-WITH-AES-256-CBC-SHA256',
'TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA',
'TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA',
'TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256',
'TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256',
'TLS-DHE-RSA-WITH-SEED-CBC-SHA',
'TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256',
'TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384',
'TLS-ECDHE-RSA-WITH-RC4-128-SHA',
'TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA',
'TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA',
'TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA',
'TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256',
'TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256',
'TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256',
'TLS-DHE-RSA-WITH-AES-128-GCM-SHA256',
'TLS-DHE-RSA-WITH-AES-256-GCM-SHA384',
'TLS-DHE-DSS-WITH-AES-128-CBC-SHA',
'TLS-DHE-DSS-WITH-AES-256-CBC-SHA',
'TLS-DHE-DSS-WITH-AES-128-CBC-SHA256',
'TLS-DHE-DSS-WITH-AES-128-GCM-SHA256',
'TLS-DHE-DSS-WITH-AES-256-CBC-SHA256',
'TLS-DHE-DSS-WITH-AES-256-GCM-SHA384',
'TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256',
'TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256',
'TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384',
'TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384',
'TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA',
'TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256',
'TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256',
'TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384',
'TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384',
'TLS-RSA-WITH-AES-128-GCM-SHA256',
'TLS-RSA-WITH-AES-256-GCM-SHA384',
'TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA',
'TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA',
'TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256',
'TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256',
'TLS-DHE-DSS-WITH-SEED-CBC-SHA',
'TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256',
'TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384',
'TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256',
'TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384',
'TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256',
'TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384',
'TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA',
'TLS-DHE-DSS-WITH-DES-CBC-SHA',
'TLS-AES-128-GCM-SHA256',
'TLS-AES-256-GCM-SHA384',
'TLS-CHACHA20-POLY1305-SHA256'
],
'type': 'str'
},
'id': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'versions': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'list',
'choices': [
'ssl-3.0',
'tls-1.0',
'tls-1.1',
'tls-1.2',
'tls-1.3'
]
},
'priority': {
'required': False,
'revision': {
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
}
}
},
'ssl-client-fallback': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ssl-client-renegotiation': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'deny',
'allow',
'secure'
],
'type': 'str'
},
'ssl-client-session-state-max': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'ssl-client-session-state-timeout': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'ssl-client-session-state-type': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'time',
'count',
'both'
],
'type': 'str'
},
'ssl-dh-bits': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'768',
'1024',
'1536',
'2048',
'3072',
'4096'
],
'type': 'str'
},
'ssl-hpkp': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable',
'report-only'
],
'type': 'str'
},
'ssl-hpkp-age': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'ssl-hpkp-backup': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'ssl-hpkp-include-subdomains': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ssl-hpkp-primary': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'ssl-hpkp-report-uri': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'ssl-hsts': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ssl-hsts-age': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'ssl-hsts-include-subdomains': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ssl-http-location-conversion': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ssl-http-match-host': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ssl-max-version': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'ssl-3.0',
'tls-1.0',
'tls-1.1',
'tls-1.2',
'tls-1.3'
],
'type': 'str'
},
'ssl-min-version': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'ssl-3.0',
'tls-1.0',
'tls-1.1',
'tls-1.2',
'tls-1.3'
],
'type': 'str'
},
'ssl-mode': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'half',
'full'
],
'type': 'str'
},
'ssl-pfs': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'require',
'deny',
'allow'
],
'type': 'str'
},
'ssl-send-empty-frags': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ssl-server-algorithm': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'high',
'low',
'medium',
'custom',
'client'
],
'type': 'str'
},
'ssl-server-max-version': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'ssl-3.0',
'tls-1.0',
'tls-1.1',
'tls-1.2',
'client',
'tls-1.3'
],
'type': 'str'
},
'ssl-server-min-version': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'ssl-3.0',
'tls-1.0',
'tls-1.1',
'tls-1.2',
'client',
'tls-1.3'
],
'type': 'str'
},
'ssl-server-session-state-max': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'ssl-server-session-state-timeout': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'ssl-server-session-state-type': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'time',
'count',
'both'
],
'type': 'str'
},
'type': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'static-nat',
'load-balance',
'server-load-balance',
'dns-translation',
'fqdn',
'access-proxy'
],
'type': 'str'
},
'uuid': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'str'
},
'weblogic-server': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'websphere-server': {
'required': False,
'revision': {
'6.0.0': True,
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'http-redirect': {
'required': False,
'revision': {
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
},
'ssl-client-rekey-count': {
'required': False,
'revision': {
'6.2.1': True,
'6.2.3': True,
'6.2.5': True,
'6.4.0': True,
'6.4.2': True,
'6.4.5': True,
'7.0.0': True
},
'type': 'int'
},
'status': {
'required': False,
'revision': {
'7.0.0': True
},
'choices': [
'disable',
'enable'
],
'type': 'str'
}
}
}
}
params_validation_blob = []
check_galaxy_version(module_arg_spec)
module = AnsibleModule(argument_spec=check_parameter_bypass(module_arg_spec, 'firewall_vip_dynamicmapping'),
supports_check_mode=False)
fmgr = None
if module._socket_path:
connection = Connection(module._socket_path)
connection.set_option('enable_log', module.params['enable_log'] if 'enable_log' in module.params else False)
connection.set_option('forticloud_access_token',
module.params['forticloud_access_token'] if 'forticloud_access_token' in module.params else None)
fmgr = NAPIManager(jrpc_urls, perobject_jrpc_urls, module_primary_key, url_params, module, connection, top_level_schema_name='data')
fmgr.validate_parameters(params_validation_blob)
fmgr.process_curd(argument_specs=module_arg_spec)
else:
module.fail_json(msg='MUST RUN IN HTTPAPI MODE')
module.exit_json(meta=module.params)
if __name__ == '__main__':
main()