Why append member option missing for fortios_firewall_addrgrp about ansible-galaxy-fortios-collection HOT 9 CLOSED

To Add :

I am using raw module to achieve this now.

    - name: Config
      raw: |
            config firewall addrgrp
            edit blklist1
            append member test1-10.2.10.0-24
            end

from ansible-galaxy-fortios-collection.

thanks @ginigangadharan for the issue.

all APIs an Fortigate device exports for Ansible have only set semantics, which means we must update/create an object at one go. Unfortunately we don't have available support to address the requirement above.

very glad to know you have the workaround by using raw, officially, we also have generic module to do the same work:
https://github.com/fortinet/ansible-fortios-generic

thanks,
Link

from ansible-galaxy-fortios-collection.

@chillancezen Thants awesome !
I was looking for a such thing all over; thank you for that.

Okay, also noted on that API support thing.

I will mark this issue as closed for now :)

from ansible-galaxy-fortios-collection.

thanks @ginigangadharan for the issue.

all APIs an Fortigate device exports for Ansible have only set semantics, which means we must update/create an object at one go. Unfortunately we don't have available support to address the requirement above.

very glad to know you have the workaround by using raw, officially, we also have generic module to do the same work: https://github.com/fortinet/ansible-fortios-generic

thanks, Link

There is an option called "append" exists now in FortiOS 6.4.10 at least. Is it possible to add this to the fortios_firewall_addrgrp module?

from ansible-galaxy-fortios-collection.

Hi @unbreakabl3,

Thank you for your comment. The append command is not a new operation of FortiOS v6.4.10. It is an CLI command. But there is no REST API for this functionality. So, we still recommend users to use the solution listed in the previous comments.

Thanks,
Xing

from ansible-galaxy-fortios-collection.

Hi, @lix-fortinet ,
thank you very much for your quick reply.

This REST API call is adding a new member to the group. Tested on 6.4.x

- name: Add new server to the {{ group }} group
  uri:
    url: https://{{ hostname }}/api/v2/cmdb/firewall/addrgrp/{{ group }}/member?access_token={{ api_access_token }}
    method: POST
    body_format: json
    body: |
      {
        "name": "{{ address }}"
      }

from ansible-galaxy-fortios-collection.

@unbreakabl3 and @lix-fortinet
Thank you for that. Will wait for the update.

from ansible-galaxy-fortios-collection.

Hi @unbreakabl3,

Thank you for your update. You are welcome to use this as your workaround or by the generic module mentioned by chillancezen: https://github.com/fortinet/ansible-fortios-generic. We will keep an eye on this request, and will get back to you once we have any improvement.

Thanks,
Xing

from ansible-galaxy-fortios-collection.

Hi,

Having fought with this myself, it's actually documented here.

Find an example below

- name: Append to address group
  fortinet.fortios.fortios_firewall_addrgrp:
    vdom: root
    state: present
    member_state: present
    member_path: member:name
    firewall_addrgrp:
      name: TEST-GROUP
      member:
        - name: none

Notice that member:name should be remain as is.

Tested on FortiOS 7.2.0

from ansible-galaxy-fortios-collection.