Create list in playbook (Fortigate automation)

Luis Arizaga

May 20, 2020, 11:26:02 AM
to Ansible Project
Hi everybody,

I'm using Ansible to automate Fortigate Firewalls provisioning and I'm having the following problems.
  1. I have a playbook that first creates a couple of object addresses using one module (task Configure one fortinet address)
  2. Then I want the playbook to pass a list with the names of the objects just created to another module in order to group the addresses I've just created. I tried to use Jinja2 within a playbook but I realized it doesn't work (I'm a newbie, don't judge me lol)
  3. I'm using the with_items loop but this does not work, as the module expects a list with all the objects included as one argument. The with_items command calls the module twice, which does not work to group the objects :'(
Is there a way to do that with Jinja2 or by using some other strategy? Any help or orientation would help me.

Thanks for your time, playbook is below =)

---
- name: Configure Address objects FORTINET
  hosts: localhost
  vars:
    host: "192.168.122.25"
    username: "admin"
    password: "admin"
    vdom: "root"
    partner: "PARTNER_1"
    addresses:
      - comment: "Administration IP for CPE 1"
        subnet: "10.10.10.10/32"
        name: "H-{{ partner }}_Cpe.Lo1-1"
      - comment: "Administration IP for CPE 2"
        subnet: "20.20.20.20/32"
        name: "H-{{ partner }}_Cpe.Lo1-2"
  tasks:
    - name: Configure one partner address
      fortios_firewall_address:
        host: "{{ host }}"
        username: "{{ username }}"
        password: "{{ password }}"
        vdom: "{{ vdom }}"
        https: "False"
        state: "present"
        firewall_address:
          comment: "{{ item.comment }}"
          subnet: "{{ item.subnet }}"
          name: "{{ item.name }}"
          type: "ipmask"
      with_items: "{{ addresses }}"
    
    - name: Configure address group for the partner
      fortios_firewall_addrgrp:
        host: "{{ host }}"
        username: "{{ username }}"
        password: "{{ password }}"
        vdom: "{{ vdom }}"
        https: "False"
        state: "present"
        firewall_addrgrp:
          name: "G-{{ partner }}_Cpe.Lo"
          member:
            - name: "{{ item.name }}"
          comment: "IP Groupe of partner {{ partner }}"
          visibility: "enable"
      with_items: "{{ addresses }}"
      register: print_output

    -  debug: var=print_output
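
One way to do what the post asks, as an added example that is not part of the original post: build the whole member list first with set_fact, then call fortios_firewall_addrgrp once with no loop on it. The variable name group_members is an assumption; the connection values, address list and module arguments are copied from the playbook above, and the address objects are assumed to exist already (created by the first task in the post).

```yaml
---
- name: Group all partner addresses with a single module call
  hosts: localhost
  vars:
    # Connection values and address list copied from the playbook in the post.
    host: "192.168.122.25"
    username: "admin"
    password: "admin"
    vdom: "root"
    partner: "PARTNER_1"
    addresses:
      - comment: "Administration IP for CPE 1"
        subnet: "10.10.10.10/32"
        name: "H-{{ partner }}_Cpe.Lo1-1"
      - comment: "Administration IP for CPE 2"
        subnet: "20.20.20.20/32"
        name: "H-{{ partner }}_Cpe.Lo1-2"
  tasks:
    # The loop runs set_fact once per address and appends one {name: ...}
    # dict each time, so group_members (assumed name) ends up with every member.
    - name: Build the member list
      set_fact:
        group_members: "{{ group_members | default([]) + [{'name': item.name}] }}"
      with_items: "{{ addresses }}"

    # No loop here: the module is called once and receives the whole list.
    - name: Configure address group for the partner
      fortios_firewall_addrgrp:
        host: "{{ host }}"
        username: "{{ username }}"
        password: "{{ password }}"
        vdom: "{{ vdom }}"
        https: "False"
        state: "present"
        firewall_addrgrp:
          name: "G-{{ partner }}_Cpe.Lo"
          member: "{{ group_members }}"
          comment: "IP Groupe of partner {{ partner }}"
          visibility: "enable"
      register: print_output

    - debug:
        var: print_output
```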

