Closed albertogd closed 7 months ago
Hi Alberto,
Your API request example calls the API: pm/config/adom/{{adomname}}/obj/firewall/address
(corresponding to fmgr_firewall_address in fortimanager ansible collection)
However, fmgr_firewall_address_dynamicmapping calls the API /pm/config/adom/{adom}/obj/firewall/address/{address}/dynamic_mapping
Here is an example of the URL ends with dynamic_mapping:
{
"method": "set",
"params": [
{
"url": "/pm/config/adom/{{adom_name}}/obj/firewall/address/{{address_name}}/dynamic_mapping",
"data": {
"_scope": [
{
"name": "{{device_name}}",
"vdom": "{{device_vdom_name}}"
}
],
"subnet": [
"0.0.0.0",
"0.0.0.0"
],
"type": 0,
"color": 0,
"uuid": "xxxxxxxxxxxxxxxxxx",
"allow-routing": 0,
"clearpass-spt": 0,
"obj-type": 9,
"node-ip-only": 0,
"fabric-object": 0,
"macaddr": [],
"dirty": 1,
"unset attrs": [
"associated-interface"
]
}
}
],
"session": "{{fortimanager_session}}",
"id": 6,
"verbose": 1
}
And this API requires you specify '_scope'. I think adding _scope is mandatory in dynamic_mapping:
"_scope": [
{
"name": "{{device_name}}",
"vdom": "{{device_vdom_name}}"
}
],
If you don't, you will get error: "The data is invalid for selected url"
The example you provide works well because it uses URL "pm/config/adom/{{adomname}}/obj/firewall/address" and does not specify dynamic_mapping. Yet if you want to specify dynamic_mapping, you have to add _scope in dynamic_mapping.
The module fmgr_firewall_address_dynamicmapping in fortimanager ansible collection assumes you define ["_scope"][0]["name"] and ["_scope"][0]["vdom"]. And you get the error if you don't.
Thank you very much. You're totally right: we had to use fmgr_firewall_address
instead of fmgr_firewall_address_dynamicmapping
. We used the module fmgr_firewall_address
and it worked great.
Using the module fmgr_firewall_address_dynamicmapping, if I don't add the parameter _scope (which is not mandatory), the module fails with the error TypeError: 'NoneType' object is not subscriptable.
I think there is an issue with the variable _scope not being properly initialized and managed in the code, as it should be possible to have an empty _scope.
The result is TypeError: 'NoneType' object is not subscriptable error:
I get an IndexError: list index out of range error:
The API request that is working is: