Configuring FortiWeb Cloud with Ansible
The following example demonstrates how to use Ansible to perform simple configuration changes on FortiWeb Cloud. It requires the following:
- FortiWeb Cloud 20.2.d or later
- Ansible: This example uses Ansible 2.9.
- Download the template from Github repository: https://github.com/fortinet/fortiwebcloud-ansible
To perform configuration changes with Ansible, prepare the following files:
- Create the
hosts
inventory file to specify FortiWeb Cloud host and the authentication information.
Username/password authentication
If you use username/password authentication, specify them as shown below.[fortiwebcloud] fortiwebcloud01 ansible_host="api.fortiweb-cloud.com" ansible_user="example@example.com" ansible_password="Your Password"
[fortiwebcloud:vars] ansible_network_os=fortinet.fortiwebcloud.fortiwebcloud
API key authentication
If you have created an API Key in Global > System Settings > Settings, specify the key inhosts
file as shown below, so that you can use the API key instead of specifying the username and password.fortiwebcloud_api_token="API_key"
In the configuration files, add the following line to refer to the API key. Here we take thecloudwaf_app_sni_cert_get.yml
file the as an example:---
- hosts:
fortiwebcloud01 name: Execute cloud api
collections:
-
fortinet.fortiwebcloud gather_facts: no
connection: httpapi
vars:
ansible_httpapi_validate_certs: False
ansible_httpapi_use_ssl: True
ansible_httpapi_port: 443
application_name: "YOUR_APP_NAME"
tasks:
- name: Get SNI certificates.
cloudwaf_sni_cert_method:
api_token: "{{api_key}}"
app_name: "{{application_name}}"
action: get
- Create files to perform the following configurations:
- Run the test:
ansible-playbook -i hosts
<the_name_of_the_file_created_in_step_2>.yml
or
ansible-playbook
<the_name_of_the_file_created_in_step_2>.yml -i hosts -e 'ansible_python_interpreter=/usr/bin/python3'
To prepare the files, DO NOT copy the example text in this guide. There might be format issue which causes the operation to fail. |