fadcos_waf_api_gateway_rule – Configure rule objects of an API Gateway policy

New in version 1.3.0.

Synopsis

  • Configure rule objects of an API Gateway policy

Requirements

The below requirements are needed on the host that executes this module.

  • ansible>=2.8

FortiADC Version Compatibility


                              v7.1.4   v7.2.2   v7.4.0
fadcos_waf_api_gateway_rule   yes      yes      yes

Parameters

  • action - Type of action to perform on the object. type: str required: true
  • name - Specify the name of the API gateway rule. type: str required: true
  • host - Select the name of a protected host that the Host. type: str required: false
  • host_status - Enable/Disable applying this rule only to HTTP requests for specific web hosts. type: str required: false
  • security_action - Select the action profile that you want to apply. type: str required: false
  • location - Indicate where to find the API key in the HTTP request ("http-header" or "http-parameter"). type: str required: false
  • method - Select one or more HTTP methods that are allowed when accessing the API. type: str required: false
  • parameter_name - Specify the HTTP parameter name of the API key. type: str required: false
  • field_name - Specify the header field name of the API key. type: str required: false
  • rlimit_period - Sets the time period over which received requests are counted. type: str required: false
  • rlimit_reqs - Sets the limit on the number of API requests received. type: str required: false
  • rlimit_status - Enable/Disable rate limiting for API calls. type: str required: false
  • severity - Select which severity level FortiADC uses when using Input Validation. type: str required: false
  • verification - When a user makes an API request, the API key will be included in the HTTP header or parameter. type: str required: false
  • url_pattern - Matching string. Regular expressions are supported. type: str required: false
  • exception - Select a user-defined exception configuration object. type: str required: false
  • vdom - VDOM name if enabled. type: str required: true (if VDOM is enabled)

Examples

- name:
  hosts: all
  vars:
  connection: httpapi
  gather_facts: false
  tasks:
    - name: Add waf_api_gateway_rule
      fadcos_waf_api_gateway_rule:
        action: add
        name: test_rule1
        security_action: alert
        host: host1
        host_status: enable
        location: http-parameter
        method: GET POST HEAD OPTIONS TRACE CONNECT DELETE PUT PATCH OTHER
        parameter_name: acc
        rlimit_period: 60
        rlimit_reqs: 600
        rlimit_status: enable
        severity: low
        url_pattern: /home/test
        verification: enable

    - name: edit waf_api_gateway_rule
      fadcos_waf_api_gateway_rule:
        action: edit
        name: test_rule1
        parameter_name: add
        severity: high
        url_pattern: /home/qqq

    - name: Add waf_api_gateway_rule
      fadcos_waf_api_gateway_rule:
        action: add
        name: test_rule1
        security_action: alert

    - name: get waf_api_gateway_rule
      fadcos_waf_api_gateway_rule:
        action: get
        name: test_rule1

    - name: delete waf_api_gateway_rule
      fadcos_waf_api_gateway_rule:
        action: delete
        name: agr1
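
The playbook below is an added example, not part of the original module documentation. It shows the header-based variant of the rule (location: http-header with field_name), which keeps the API key out of URLs and therefore out of access logs and proxy logs, and it narrows the method list to what the API actually serves. Assumptions: the rule name, header name, URL pattern and rate-limit numbers are constructed, and an action profile named "deny" is assumed to exist on the device.

```yaml
# Added example (not from the FortiADC module docs).
# Constructed values: rule name, header name, URL pattern, rate-limit numbers.
- name: Header-based API key rule with a narrow method list
  hosts: all
  connection: httpapi
  gather_facts: false
  tasks:
    - name: Add rule that expects the API key in a request header
      fadcos_waf_api_gateway_rule:
        action: add
        name: orders_api_rule              # constructed rule name
        host: host1                        # protected host object, as in the example above
        host_status: enable
        url_pattern: '^/api/orders(/.*)?$' # constructed; regular expressions are supported
        method: GET POST                   # only the methods this API serves
        verification: enable
        location: http-header              # read the key from a header, not a URL parameter
        field_name: X-API-Key              # constructed header name
        rlimit_status: enable
        rlimit_period: 60
        rlimit_reqs: 120                   # constructed limit
        security_action: deny              # assumption: a "deny" action profile exists
        severity: high

    - name: Read the rule back
      fadcos_waf_api_gateway_rule:
        action: get
        name: orders_api_rule
      register: rule_state

    - name: Show what the device stored
      debug:
        var: rule_state
```

Add vdom to each task when VDOMs are enabled, and compare the registered output against the intended settings before relying on the rule.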

Return Values

Common return values are documented at https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values. The following are the fields unique to this module:

  • 200 - OK: Request returns successful.
  • 400 - Bad Request: Request cannot be processed by the API.
  • 401 - Not Authorized: Request without successful login session.
  • 403 - Forbidden: Request is missing CSRF token or administrator is missing access profile permissions.
  • 404 - Resource Not Found: Unable to find the specified resource.
  • 405 - Method Not Allowed: Specified HTTP method is not allowed for this resource.
  • 413 - Request Entity Too Large: Request cannot be processed due to large entity.
  • 424 - Failed Dependency: A failed dependency can be a duplicate resource, a missing required parameter, a missing required attribute, or an invalid attribute value.
  • 429 - Access temporarily blocked: Maximum failed authentications reached. The offending source is temporarily blocked for a certain amount of time.
  • 500 - Internal Server Error: Internal error when processing the request.

For error codes, see the FortiADC API error code reference at: https://fndn.fortinet.net/index.php?/fortiapi/981-fortiadc/

Status

  • This module is not guaranteed to have a backwards compatible interface.

Authors

  • Joseph Chen

Hint

If you notice any issues in this documentation, you can create a pull request to improve it at: https://github.com/fortinet-ansible-dev/ansible-galaxy-fortiadc-sphinxdoc/pulls