search

fortinet-ansible-dev / ansible-galaxy-fortios-collection

GNU General Public License v3.0
85 stars 49 forks source link

Is global scope security profile supported? #294

Open kobbie opened 7 months ago

kobbie commented 7 months ago

Hi, I'm working with Ansible playbooks for FortiOS and trying to create global scope security profiles (not per-VDOM).

Ansible: core 2.15.9 fortinet.fortios collection: 2.3.5

So far I could create a per-VDOM security profile, but could not a global-scope profile. I tried to some changes in my playbook, but no luck so far.

$ ansible-playbook -l fgt-080 playbooks/08-01-webfilter-profile-monitor.yaml

PLAY [all] ************************************************************************************************************************************************************************

TASK [Gathering Facts] ************************************************************************************************************************************************************
ok: [fgt-080]

TASK [Configure Web filter profiles.] *********************************************************************************************************************************************
ok: [fgt-080]

PLAY RECAP ************************************************************************************************************************************************************************
fgt-080                    : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

PLAY [all] ****

TASK [Gathering Facts] **** ok: [fgt-080]

TASK [Configure Web filter profiles.] ***** fatal: [fgt-080]: FAILED! => {"changed": false, "meta": {"build": 2463, "cli_error": "In vdom context, the table name should not start with 'g-'.\ncurrent vf=root:0\nnode_check_object fail! for name g-monitor-all\n\nvalue parse error before 'g-monitor-all'\nCommand fail. Return code -61\ncmd_clean_context 0, abort=0\ncmd_clean_context 0, abort=1\nCommand fail. Return code 1\n", "error": -61, "http_method": "POST", "http_status": 500, "name": "profile", "path": "webfilter", "revision": "d298956e8c39e10e3754b6448346598a", "revision_changed": false, "serial": "XXXXXXXXXXXX", "status": "error", "vdom": "root", "version": "v7.4.1"}, "msg": "Error in repo"}

PLAY RECAP **** fgt-080 : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0



Is it supported in Ansible collections and/or FortiOS API?
MaxxLiu22 commented 7 months ago

Hi @kobbie ,

Thank you for raising this issue, we haven't supported global scope operation now, and reported this feature to the development team to see if there will be an improvement.

Thanks, Maxx