fwebos_waf_json_protection_rule.py – Config FortiWeb JSON Protection Rule

New in version 1.0.1.

Synopsis

Configure a FortiWeb JSON protection rule.

Requirements

The following requirements are needed on the host that executes this module.

  • ansible>=2.11

FortiWeb Version Compatibility


                                    v7.0.x  v7.2.x  v7.4.x  v7.6.x
fwebos_waf_json_protection_rule.py  yes     yes     yes     yes

Parameters

  • body: Possible parameters to go in the body for the request. (required: True)
    • name: Name of the JSON protection rule. (type: string, maxLength: 63)
    • host_status: Enable to compare the JSON rule to the Host. (type: string, choices: enable, disable)
    • host: Select the IP address or FQDN of a protected host. (type: string, maxLength: 255)
    • request_type: URL Type. Simple string ('plain') or regular expression ('regular'). (type: string, choices: plain, regular)
    • request_url: Post URL. (type: string, maxLength: 255)
    • json_limits: Enable to define limits for data size, key, and value, etc. (type: string, choices: enable, disable)
    • json_data_size: Total Size of JSON Data. (type: integer, minimum: 1, maximum: 10240)
    • key_size: Key Size. (type: integer, minimum: 1, maximum: 10240)
    • key_number: Total Key Number. (type: integer, minimum: 1, maximum: 2147483647)
    • value_size: Enter the value size of each key. (type: integer, minimum: 1, maximum: 10240)
    • value_number_in_array: Enter the total value number of each JSON file. (type: integer, minimum: 1, maximum: 10240)
    • object_depth: Enter the number of the nested objects. (type: integer, minimum: 1, maximum: 2147483647)
    • schema_type: Schema Type. Single schema file ('single-schema') or schema group ('schema-group'). (type: string, choices: schema-group, single-schema)
    • schema_file: According to your selection in Schema Type, enter the name of the schema file. (type: string, maxLength: 255)
    • schema_group: According to your selection in Schema Type, enter the name of the schema group. (type: string, maxLength: 255)
    • security_action: Select which action FortiWeb takes when it detects a JSON protection rule violation. (type: string, choices: alert, redirect, alert_deny, deny_no_log, block-period, send_403_forbidden, client-id-block-period)
    • block_period: Enter the amount of time (in seconds) that you want to block subsequent requests from a client after FortiWeb detects a rule violation. (type: integer, minimum: 1, maximum: 3600)
    • severity: Select which severity level FortiWeb uses when it logs a CSRF attack. (type: string, choices: Info, Low, Medium, High)
    • trigger: Select the trigger, if any, that FortiWeb uses when it logs or sends an alert email about a CSRF attack. (type: string)
    • mkey: If present, objects will be filtered on property with this name. (type: string)
    • vdom: Specify the Virtual Domain(s) from which results are returned or changes are applied to. If this parameter is not provided, the management VDOM will be used. If the admin does not have access to the VDOM, a permission error will be returned. The URL parameter is one of: vdom=root (Single VDOM); vdom=vdom1,vdom2 (Multiple VDOMs); vdom=* (All VDOMs). (type: array)
    • clone_mkey: Use *clone_mkey* to specify the ID for the new resource to be cloned. If *clone_mkey* is set, *mkey* must also be provided to identify the resource to clone from. (type: string)

Examples

- name:
  hosts: all
  vars:
  connection: httpapi
  gather_facts: false
  tasks:
   - name: add a json protection rule
     fwebos_waf_json_protection_rule:
       action: add
       name: jspr1
       host_status: enable
       host: myhost2
       request_type: plain
       request_url: /folder1/f2
       security_action: alert
       block_period: 600
       severity: Low
       trigger: tp1
       schema_type: single-schema
       schema_file: js1
       json_limits: disable


   - name: get a json protection rule
     fwebos_waf_json_protection_rule:
       action: get
       name: jspr1

   - name: edit a json protection rule
     fwebos_waf_json_protection_rule:
       action: edit
       name: jspr1
       severity: Low
       json_limits: enable
       json_data_size: 1034
       key_size: 69
       key_number: 300
       value_size: 128
       value_number: 256
       value_number_in_array: 256
       object_depth: 32
       schema_type: schema-group
       schema_group: jsg1

   - name: delete a json protection rule
     fwebos_waf_json_protection_rule:
       action: delete
       name: jspr1
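
A pre-flight check for task arguments, added here as an example; it is not part of the module or the FortiWeb collection. It applies the choices, lengths and integer ranges from the Parameters list plus the schema_type and clone_mkey dependencies described there, and it reports the edit task's value_number key as absent from that list. The names lint_rule, EDIT_TASK and BAD_TASK are hypothetical.

```python
# Added example: lint task arguments against the constraints in the Parameters list above.
# lint_rule, EDIT_TASK and BAD_TASK are hypothetical names, not part of the module.
ED = ("enable", "disable")
CHOICES = {
    "host_status": ED, "json_limits": ED,
    "request_type": ("plain", "regular"),
    "schema_type": ("schema-group", "single-schema"),
    "security_action": ("alert", "redirect", "alert_deny", "deny_no_log", "block-period",
                        "send_403_forbidden", "client-id-block-period"),
    "severity": ("Info", "Low", "Medium", "High"),
}
MAX_LEN = {"name": 63, "host": 255, "request_url": 255, "schema_file": 255, "schema_group": 255}
INT_MAX = {"json_data_size": 10240, "key_size": 10240, "key_number": 2147483647,  # minimum is 1
           "value_size": 10240, "value_number_in_array": 10240,
           "object_depth": 2147483647, "block_period": 3600}
OTHER = {"action", "trigger", "mkey", "vdom", "clone_mkey"}  # "action" appears only in Examples
SCHEMA_REF = {"single-schema": "schema_file", "schema-group": "schema_group"}

def lint_rule(args):
    """Return a sorted list of findings for one task's argument dict."""
    out = []
    for key, val in args.items():
        if key in CHOICES:
            if val not in CHOICES[key]:
                out.append(f"{key}: {val!r} is not one of {list(CHOICES[key])}")
        elif key in MAX_LEN:
            if not isinstance(val, str) or len(val) > MAX_LEN[key]:
                out.append(f"{key}: must be a string of at most {MAX_LEN[key]} characters")
        elif key in INT_MAX:
            if isinstance(val, bool) or not isinstance(val, int) or not 1 <= val <= INT_MAX[key]:
                out.append(f"{key}: must be an integer in 1..{INT_MAX[key]}")
        elif key not in OTHER:
            out.append(f"{key}: not in the documented parameter list")
    ref = SCHEMA_REF.get(args.get("schema_type"))
    if ref and ref not in args:  # the schema name must match the selected schema_type
        out.append(f"schema_type {args['schema_type']} needs {ref}")
    if "clone_mkey" in args and "mkey" not in args:
        out.append("clone_mkey requires mkey")
    return sorted(out)

# The page's "edit" task, then a constructed task with deliberate mistakes.
EDIT_TASK = {"action": "edit", "name": "jspr1", "severity": "Low", "json_limits": "enable",
             "json_data_size": 1034, "key_size": 69, "key_number": 300, "value_size": 128,
             "value_number": 256, "value_number_in_array": 256, "object_depth": 32,
             "schema_type": "schema-group", "schema_group": "jsg1"}
BAD_TASK = {"action": "add", "name": "jspr2", "security_action": "block-period",
            "block_period": 7200, "severity": "high", "schema_type": "single-schema"}
if __name__ == "__main__":
    print(lint_rule(EDIT_TASK), lint_rule(BAD_TASK), sep="\n")
```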

Return Values

Common return values are documented at https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values. The following fields are unique to this module:

  • 200 : OK: Request returned successfully
  • 400 : Bad Request: Request cannot be processed by the API
  • 401 : Not Authorized: Request without successful login session
  • 403 : Forbidden: Request is missing CSRF token or administrator is missing access profile permissions.
  • 404 : Resource Not Found: Unable to find the specified resource.
  • 405 : Method Not Allowed: Specified HTTP method is not allowed for this resource.
  • 413 : Request Entity Too Large: Request cannot be processed due to large entity
  • 424 : Failed Dependency: The failed dependency can be a duplicate resource, a missing required parameter, a missing required attribute, or an invalid attribute value
  • 429 : Access temporarily blocked: Maximum failed authentications reached. The offending source is temporarily blocked for a certain amount of time.
  • 500 : Internal Server Error: Internal error when processing the request

For error codes, see the FortiWeb API error code reference at: https://documenter.getpostman.com/view/11233300/TVetbkaK#887b9eb4-7c13-4338-a8db-16cc117f0119

Status

  • This module is not guaranteed to have a backwards compatible interface.

Authors

  • Joseph Chen
