Fortinet Document Library

Version:


Table of Contents

User Guide

Download PDF
Copy Link

Updating endpoint settings

Example: Updating endpoint settings

---
- name: Execute cloud api

hosts: fortiwebcloud01

gather_facts: no

collections:

- fortinet.fortiwebcloud

connection: httpapi

vars:

ansible_httpapi_validate_certs: False

ansible_httpapi_use_ssl: true

ansible_httpapi_port: 443

application_name: "YOUR_APP_NAME"

tasks:

- name: Update an endpoint.

cloudwaf_endpoint_update:

app_name: "{{application_name}}"

http_status: 1

https_status: 1

http2_status: 0

ipv6_option: 0

extra_domains: []

cert_type: 1

ssl_options:

tls_1_0: 0

tls_1_1: 0

tls_1_2: 1

tls_1_3: 1

encryption_level: 1

http_2_https: 1

custom_block_page: disable

block_url: ''

custom_http_port: 80

custom_https_port: 443

 

ansible_httpapi_validate_certs

Whether to validate certificates for the connections between your Ansible host and FortiWeb Cloud's API gateway.

Specify False.

ansible_httpapi_use_ssl

Whether to use SSL protocol for the connections between your Ansible host and FortiWeb Cloud's API gateway.

Specify true.

ansible_httpapi_port

The port number used for the SSL connection.

Specify 443.

http_status

0: Disable HTTP.

1: Enable HTTP.

https_status 0: Disable HTTPS.

1: Enable HTTPS.

http2_status 0: Disable HTTP/2.

1: Enable HTTP/2.

ipv6_option 0: Disable IPv6.

1: Enable IPv6.

For more information about the HTTP, HTTPS, HTTP/2, and IPv6 settings, see Traffic Type.

extra_domains Specify up to 9 extra domains. For more information, see Domain name.
cert_type 0: Automatic certificate.

1: Custom certificate.

If you use custom certificate, make use to import SNI certificates and intermediate certificates. See Importing/Getting/Deleting SNI certificates and Importing/Getting/Deleting intermediate certificates

For more information about certificate type, see SSL Certificate.

tls_1_0 0: Disable TLS 1.0

1: Enable TLS 1.0.

tls_1_1 0: Disable TLS 1.1

1: Enable TLS 1.1.

tls_1_2

0: Disable TLS 1.2.

1: Enable TLS 1.2.

tls_1_3

0: Disable TLS 1.3.

1: Enable TLS 1.3.

For more information, see SSL/TLS.

encryption_level

0: High encryption level.

1: Medium encryption level.

For more information, see Supported cipher suites & protocol versions.

http_2_https

0: Disable redirecting HTTP traffic to HTTPS.

1: Enable redirecting HTTP traffic to HTTPS.

For more information, see SSL/TLS.

custom_block_page

disable: Disable the custom page settings.

enable: Enable the custom page settings.

block_url

Specify the URL path of the block page so that FortiWeb Cloud can return it to your user's client when its request violates WAF rules, for example: /blockpage.html.

custom_http_port

The HTTP port number of the block page.

custom_https_port

The HTTPS port number of the block page.

Updating endpoint settings

Example: Updating endpoint settings

---
- name: Execute cloud api

hosts: fortiwebcloud01

gather_facts: no

collections:

- fortinet.fortiwebcloud

connection: httpapi

vars:

ansible_httpapi_validate_certs: False

ansible_httpapi_use_ssl: true

ansible_httpapi_port: 443

application_name: "YOUR_APP_NAME"

tasks:

- name: Update an endpoint.

cloudwaf_endpoint_update:

app_name: "{{application_name}}"

http_status: 1

https_status: 1

http2_status: 0

ipv6_option: 0

extra_domains: []

cert_type: 1

ssl_options:

tls_1_0: 0

tls_1_1: 0

tls_1_2: 1

tls_1_3: 1

encryption_level: 1

http_2_https: 1

custom_block_page: disable

block_url: ''

custom_http_port: 80

custom_https_port: 443

 

ansible_httpapi_validate_certs

Whether to validate certificates for the connections between your Ansible host and FortiWeb Cloud's API gateway.

Specify False.

ansible_httpapi_use_ssl

Whether to use SSL protocol for the connections between your Ansible host and FortiWeb Cloud's API gateway.

Specify true.

ansible_httpapi_port

The port number used for the SSL connection.

Specify 443.

http_status

0: Disable HTTP.

1: Enable HTTP.

https_status 0: Disable HTTPS.

1: Enable HTTPS.

http2_status 0: Disable HTTP/2.

1: Enable HTTP/2.

ipv6_option 0: Disable IPv6.

1: Enable IPv6.

For more information about the HTTP, HTTPS, HTTP/2, and IPv6 settings, see Traffic Type.

extra_domains Specify up to 9 extra domains. For more information, see Domain name.
cert_type 0: Automatic certificate.

1: Custom certificate.

If you use custom certificate, make use to import SNI certificates and intermediate certificates. See Importing/Getting/Deleting SNI certificates and Importing/Getting/Deleting intermediate certificates

For more information about certificate type, see SSL Certificate.

tls_1_0 0: Disable TLS 1.0

1: Enable TLS 1.0.

tls_1_1 0: Disable TLS 1.1

1: Enable TLS 1.1.

tls_1_2

0: Disable TLS 1.2.

1: Enable TLS 1.2.

tls_1_3

0: Disable TLS 1.3.

1: Enable TLS 1.3.

For more information, see SSL/TLS.

encryption_level

0: High encryption level.

1: Medium encryption level.

For more information, see Supported cipher suites & protocol versions.

http_2_https

0: Disable redirecting HTTP traffic to HTTPS.

1: Enable redirecting HTTP traffic to HTTPS.

For more information, see SSL/TLS.

custom_block_page

disable: Disable the custom page settings.

enable: Enable the custom page settings.

block_url

Specify the URL path of the block page so that FortiWeb Cloud can return it to your user's client when its request violates WAF rules, for example: /blockpage.html.

custom_http_port

The HTTP port number of the block page.

custom_https_port

The HTTPS port number of the block page.