search

fortinet-ansible-dev / ansible-galaxy-fortios-collection

GNU General Public License v3.0
84 stars 48 forks source link

Removing an interface member using fortios_system_interface module #216

Closed plemelin closed 1 year ago

plemelin commented 1 year ago

I'm trying to remove the member a from the fortilink interface using the fortios_system_interface

Currently trying with: 

- name: Configure fortilink Interface
  fortinet.fortios.fortios_system_interface:
    vdom: "root"
    state: present
    system_interface:
      name: fortilink
      member:
        - interface_name: []

Doing it like that throws an "Error in repo". Running it with state absent tries to delete the whole fortilink interface.

What is the correct way of removing the "a" member from the fortilink interface if it's not the fortios_system_interface?

MaxxLiu22 commented 1 year ago

Hi @plemelin ,

Thank you for your question, here is an example to remove member "a" from fortilink, you are free to refer. If you still have questions, feel free to ask here.

- hosts: fortigates
  collections:
  - fortinet.fortios
  connection: httpapi
  vars:
    vdom: root
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: false
    ansible_httpapi_port: 443
  tasks:
  - name: Configure interfaces.
    fortios_system_interface:
      vdom: root
      state: present
      access_token: "{{token}}"
      system_interface:
        vdom: root
        member:
        - interface_name: port3
        - interface_name: port4
        #- interface_name: a # comment out this line, you will remove interface "a"
        name: fortilink

Thanks, Maxx

plemelin commented 1 year ago

Hi @plemelin ,

Thank you for your question, here is an example to remove member "a" from fortilink, you are free to refer. If you still have questions, feel free to ask here.

- hosts: fortigates
  collections:
  - fortinet.fortios
  connection: httpapi
  vars:
    vdom: root
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: false
    ansible_httpapi_port: 443
  tasks:
  - name: Configure interfaces.
    fortios_system_interface:
      vdom: root
      state: present
      access_token: "{{token}}"
      system_interface:
        vdom: root
        member:
        - interface_name: port3
        - interface_name: port4
        #- interface_name: a # comment out this line, you will remove interface "a"
        name: fortilink

Thanks, Maxx

Hi @MaxxLiu22

I tried this approach with a empty list of member:

*snip*
      system_interface:
        vdom: root
        member:
        name: fortilink
*snip*

It is not removing the "a" interface. The idea for me is to keep the fortilink interface but have no members attached to it. Your example works if I have more than one member. i.e.: I add member "b" and run the following:

*snip*
      system_interface:
        vdom: root
        member:
          - interface_name: b
        name: fortilink
*snip*

Then, yes, "a" disappears. But I want no members for fortilink

Is this possible?

Thank you

MaxxLiu22 commented 1 year ago

Hi @plemelin ,

You can try to use the following code to remove all members, please let me know if you still have questions.

  tasks:
  - name: Configure interfaces.
    fortios_system_interface:
      vdom: root
      state: present
      access_token: HctqrdHtNqNHtth3QGmcnhztzdcwt0
      system_interface:
        vdom: root
        member: []
        name: fortilink

Thanks, Maxx

plemelin commented 1 year ago

Hi @plemelin ,

You can try to use the following code to remove all members, please let me know if you still have questions.

  tasks:
  - name: Configure interfaces.
    fortios_system_interface:
      vdom: root
      state: present
      access_token: HctqrdHtNqNHtth3QGmcnhztzdcwt0
      system_interface:
        vdom: root
        member: []
        name: fortilink

Thanks, Maxx

Hi @MaxxLiu22

That's the one syntax I did not try. It worked. Thank you very much for your assistance.

Phil.