Refactors main() function and module manager in multiple modules in line with recent changes (#53974)

Adds variable types to docs Refactors unit tests to remove deprecated parameters
2025-07-27 07:01:22 -07:00 · 2019-03-19 05:45:18 +01:00 · 2019-03-19 05:45:18 +01:00 · 284565c39e
commit 284565c39e
parent 313e07dfd3
26 changed files with 412 additions and 239 deletions
--- a/lib/ansible/modules/network/f5/bigip_dns_cache_resolver.py
+++ b/lib/ansible/modules/network/f5/bigip_dns_cache_resolver.py
@ -24,6 +24,7 @@ options:
  name:
    description:
      - Specifies the name of the cache.
    type: str
    required: True
  answer_default_zones:
    description:
@ -40,6 +41,7 @@ options:
      name:
        description:
          - Specifies a FQDN for the forward zone.
        type: str
        required: True
      nameservers:
        description:
@ -50,25 +52,32 @@ options:
          address:
            description:
              - Address of recursive nameserver.
            type: str
          port:
            description:
              - Port of recursive nameserver.
              - When specifying new nameservers, if this value is not provided, the
                default is C(53).
            type: int
        type: list
    type: raw
  route_domain:
    description:
      - Specifies the route domain the resolver uses for outbound traffic.
    type: str
  state:
    description:
      - When C(present), ensures that the resource exists.
      - When C(absent), ensures the resource is removed.
-    default: present
+    type: str
    choices:
      - present
      - absent
    default: present
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
 extends_documentation_fragment: f5
 author:
@ -114,22 +123,16 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import fq_name
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.common import flatten_boolean
    from library.module_utils.network.f5.common import transform_name
 except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import fq_name
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.common import flatten_boolean
    from ansible.module_utils.network.f5.common import transform_name
@ -307,7 +310,7 @@ class Difference(object):
 class ModuleManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        self.want = ModuleParameters(params=self.module.params)
        self.have = ApiParameters()
        self.changes = UsableChanges()
@ -533,14 +536,11 @@ def main():
    )
    try:
-        client = F5RestClient(**module.params)
+        mm = ModuleManager(module=module)
        mm = ModuleManager(module=module, client=client)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/lib/ansible/modules/network/f5/bigip_dns_nameserver.py
+++ b/lib/ansible/modules/network/f5/bigip_dns_nameserver.py
@ -26,6 +26,7 @@ options:
  name:
    description:
      - Specifies the name of the nameserver.
    type: str
    required: True
  address:
    description:
@ -33,18 +34,21 @@ options:
        authoritative server (DNS Express server) listens for DNS messages.
      - When creating a new nameserver, if this value is not specified, the default
        is C(127.0.0.1).
    type: str
  service_port:
    description:
      - Specifies the service port on which the DNS nameserver (client) or back-end DNS
        authoritative server (DNS Express server) listens for DNS messages.
      - When creating a new nameserver, if this value is not specified, the default
        is C(53).
    type: str
  route_domain:
    description:
      - Specifies the local route domain that the DNS nameserver (client) or back-end
        DNS authoritative server (DNS Express server) uses for outbound traffic.
      - When creating a new nameserver, if this value is not specified, the default
        is C(0).
    type: str
  tsig_key:
    description:
      - Specifies the TSIG key the system uses to communicate with this DNS nameserver
@ -54,17 +58,20 @@ options:
        request and sign the response.
      - If this nameserver is a DNS Express server, then this TSIG key must match the
        TSIG key for the zone on the back-end DNS authoritative server.
    type: str
  state:
    description:
      - When C(present), ensures that the resource exists.
      - When C(absent), ensures the resource is removed.
-    default: present
+    type: str
    choices:
      - present
      - absent
    default: present
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
 extends_documentation_fragment: f5
 author:
@ -105,21 +112,15 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import fq_name
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.common import transform_name
 except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import fq_name
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.common import transform_name
@ -236,7 +237,7 @@ class Difference(object):
 class ModuleManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        self.want = ModuleParameters(params=self.module.params)
        self.have = ApiParameters()
        self.changes = UsableChanges()
@ -455,16 +456,12 @@ def main():
        supports_check_mode=spec.supports_check_mode,
    )
    client = F5RestClient(**module.params)
    try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/lib/ansible/modules/network/f5/bigip_dns_resolver.py
+++ b/lib/ansible/modules/network/f5/bigip_dns_resolver.py
@ -23,10 +23,12 @@ options:
  name:
    description:
      - Specifies the name of the DNS resolver.
    type: str
    required: True
  route_domain:
    description:
      - Specifies the route domain the resolver uses for outbound traffic.
    type: int
  cache_size:
    description:
      - Specifies the size of the internal DNS resolver cache.
@ -34,6 +36,7 @@ options:
        is 5767168 bytes.
      - After the cache reaches this size, when new or refreshed content arrives, the
        system removes expired and older content and caches the new or updated content.
    type: int
  answer_default_zones:
    description:
      - Specifies whether the system answers DNS queries for the default zones localhost,
@ -80,13 +83,15 @@ options:
    description:
      - When C(present), ensures that the resource exists.
      - When C(absent), ensures the resource is removed.
-    default: present
+    type: str
    choices:
      - present
      - absent
    default: present
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
 extends_documentation_fragment: f5
 author:
@ -154,22 +159,16 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import fq_name
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.common import transform_name
    from library.module_utils.network.f5.common import flatten_boolean
 except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import fq_name
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.common import transform_name
    from ansible.module_utils.network.f5.common import flatten_boolean
@ -308,7 +307,7 @@ class Difference(object):
 class ModuleManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        self.want = ModuleParameters(params=self.module.params)
        self.have = ApiParameters()
        self.changes = UsableChanges()
@ -525,16 +524,12 @@ def main():
        supports_check_mode=spec.supports_check_mode,
    )
    client = F5RestClient(**module.params)
    try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/lib/ansible/modules/network/f5/bigip_dns_zone.py
+++ b/lib/ansible/modules/network/f5/bigip_dns_zone.py
@ -27,15 +27,18 @@ options:
      - Specifies the name of the DNS zone.
      - The name must begin with a letter and contain only letters, numbers,
        and the underscore character.
    type: str
    required: True
  dns_express:
    description:
      - DNS express related settings.
    type: dict
    suboptions:
      server:
        description:
          - Specifies the back-end authoritative DNS server from which the BIG-IP
            system receives AXFR zone transfers for the DNS Express zone.
        type: str
      enabled:
        description:
          - Specifies the current status of the DNS Express zone.
@ -53,6 +56,7 @@ options:
            listener that handles the DNS request).
          - When C(repeat), the NOTIFY message goes to both DNS Express and any
            back-end DNS server.
        type: str
        choices:
          - consume
          - bypass
@ -61,6 +65,7 @@ options:
        description:
          - Specifies the IP addresses from which the system accepts NOTIFY messages
            for this DNS Express zone.
        type: list
      verify_tsig:
        description:
          - Specifies whether the system verifies the identity of the authoritative
@ -73,21 +78,25 @@ options:
  nameservers:
    description:
      - Specifies the DNS nameservers to which the system sends NOTIFY messages.
    type: list
  tsig_server_key:
    description:
      - Specifies the TSIG key the system uses to authenticate the back-end DNS
        authoritative server that sends AXFR zone transfers to the BIG-IP system.
    type: str
  state:
    description:
      - When C(present), ensures that the resource exists.
      - When C(absent), ensures the resource is removed.
-    default: present
+    type: str
    choices:
      - present
      - absent
    default: present
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
 extends_documentation_fragment: f5
 author:
@ -163,11 +172,8 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import fq_name
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.common import transform_name
    from library.module_utils.network.f5.common import flatten_boolean
    from library.module_utils.network.f5.compare import cmp_simple_list
@ -175,11 +181,8 @@ except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import fq_name
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.common import transform_name
    from ansible.module_utils.network.f5.common import flatten_boolean
    from ansible.module_utils.network.f5.compare import cmp_simple_list
@ -375,7 +378,7 @@ class Difference(object):
 class ModuleManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        self.want = ModuleParameters(params=self.module.params)
        self.have = ApiParameters()
        self.changes = UsableChanges()
@ -599,16 +602,12 @@ def main():
        supports_check_mode=spec.supports_check_mode,
    )
    client = F5RestClient(**module.params)
    try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/lib/ansible/modules/network/f5/bigip_file_copy.py
+++ b/lib/ansible/modules/network/f5/bigip_file_copy.py
@ -25,10 +25,12 @@ options:
      - The name of the file as it should reside on the BIG-IP.
      - If this is not specified, then the filename provided in the C(source)
        parameter is used instead.
    type: str
  source:
    description:
      - Specifies the path of the file to upload.
      - This parameter is required if C(state) is C(present).
    type: path
    aliases:
      - src
  datastore:
@ -42,6 +44,7 @@ options:
      - When C(lw4o6-table), the specified file will be store as an Lightweight 4
        over 6 (lw4o6) tunnel binding table, which include an IPv6 address for the
        lwB4, public IPv4 address, and restricted port set.
    type: str
    choices:
      - external-monitor
      - ifile
@ -59,15 +62,17 @@ options:
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
  state:
    description:
      - When C(present), ensures that the resource exists.
      - When C(absent), ensures the resource is removed.
-    default: present
+    type: str
    choices:
      - present
      - absent
    default: present
 extends_documentation_fragment: f5
 author:
  - Tim Rupp (@caphrim007)
@ -129,22 +134,16 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import fq_name
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.common import transform_name
    from library.module_utils.network.f5.icontrol import upload_file
 except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import fq_name
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.common import transform_name
    from ansible.module_utils.network.f5.icontrol import upload_file
@ -261,7 +260,7 @@ class Difference(object):
 class BaseManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        self.want = ModuleParameters(params=self.module.params)
        self.have = ApiParameters()
        self.changes = UsableChanges()
@ -672,16 +671,12 @@ def main():
        required_if=spec.required_if,
    )
    client = F5RestClient(**module.params)
    try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/lib/ansible/modules/network/f5/bigip_firewall_address_list.py
+++ b/lib/ansible/modules/network/f5/bigip_firewall_address_list.py
@ -24,14 +24,17 @@ options:
  name:
    description:
      - Specifies the name of the address list.
    type: str
    required: True
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
  description:
    description:
      - Description of the address list
    type: str
  geo_locations:
    description:
      - List of geolocations specified by their C(country) and C(region).
@ -42,19 +45,23 @@ options:
          - In addition to the country full names, you may also specify their abbreviated
            form, such as C(US) instead of C(United States).
          - Valid country codes can be found here https://countrycode.org/.
-        required: true
+        type: str
        required: True
        choices:
          - Any valid 2 character ISO country code.
          - Any valid country name.
      region:
        description:
          - Region name of the country to use.
        type: str
    type: list
  addresses:
    description:
      - Individual addresses that you want to add to the list. These addresses differ
        from ranges, and lists of lists such as what can be used in C(address_ranges)
        and C(address_lists) respectively.
      - This list can also include networks that have CIDR notation.
    type: list
  address_ranges:
    description:
      - A list of address ranges where the range starts with a port number, is followed
@ -62,12 +69,14 @@ options:
      - If the first address is greater than the second number, the numbers will be
        reversed so-as to be properly formatted. ie, C(2.2.2.2-1.1.1). would become
        C(1.1.1.1-2.2.2.2).
    type: list
  address_lists:
    description:
      - Simple list of existing address lists to add to this list. Address lists can be
        specified in either their fully qualified name (/Common/foo) or their short
        name (foo). If a short name is used, the C(partition) argument will automatically
        be prepended to the short name.
    type: list
  fqdns:
    description:
      - A list of fully qualified domain names (FQDNs).
@ -77,14 +86,16 @@ options:
        of BIG-IP. If using C(bigip_command), this can be done with C(tmsh modify security
        firewall global-fqdn-policy FOO) where C(FOO) is a DNS resolver configured
        at C(tmsh create net dns-resolver FOO).
    type: list
  state:
    description:
      - When C(present), ensures that the address list and entries exists.
      - When C(absent), ensures the address list is removed.
-    default: present
+    type: str
    choices:
      - present
      - absent
    default: present
 extends_documentation_fragment: f5
 author:
  - Tim Rupp (@caphrim007)
@ -158,11 +169,8 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import fq_name
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.common import transform_name
    from library.module_utils.compat.ipaddress import ip_address
    from library.module_utils.compat.ipaddress import ip_interface
@ -172,11 +180,8 @@ except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import fq_name
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.common import transform_name
    from ansible.module_utils.compat.ipaddress import ip_address
    from ansible.module_utils.compat.ipaddress import ip_interface
@ -744,7 +749,7 @@ class Difference(object):
 class ModuleManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        self.want = ModuleParameters(params=self.module.params)
        self.have = ApiParameters()
        self.changes = UsableChanges()
@ -961,16 +966,12 @@ def main():
        supports_check_mode=spec.supports_check_mode
    )
    client = F5RestClient(**module.params)
    try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/lib/ansible/modules/network/f5/bigip_firewall_dos_profile.py
+++ b/lib/ansible/modules/network/f5/bigip_firewall_dos_profile.py
@ -24,10 +24,12 @@ options:
  name:
    description:
      - Specifies the name of the profile.
    type: str
    required: True
  description:
    description:
      - The description of the DoS profile.
    type: str
  default_whitelist:
    description:
      - The default whitelist address list for the system to use to determine which
@ -35,6 +37,7 @@ options:
      - The system does not examine traffic from the IP addresses in the list when
        performing DoS prevention.
      - To define a new whitelist, use the C(bigip_firewall_address_list) module.
    type: str
  threshold_sensitivity:
    description:
      - Specifies the threshold sensitivity for the DoS profile.
@ -42,6 +45,7 @@ options:
        lower when sensitivity is C(high).
      - When creating a new profile, if this parameter is not specified, the default
        is C(medium).
    type: str
    choices:
      - low
      - medium
@ -49,15 +53,17 @@ options:
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
  state:
    description:
      - When C(present), ensures that the resource exists.
      - When C(absent), ensures the resource is removed.
-    default: present
+    type: str
    choices:
      - present
      - absent
    default: present
 extends_documentation_fragment: f5
 author:
  - Tim Rupp (@caphrim007)
@ -100,21 +106,15 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import fq_name
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.common import transform_name
 except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import fq_name
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.common import transform_name
@ -200,7 +200,7 @@ class Difference(object):
 class ModuleManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        self.want = ModuleParameters(params=self.module.params)
        self.have = ApiParameters()
        self.changes = UsableChanges()
@ -414,16 +414,12 @@ def main():
        supports_check_mode=spec.supports_check_mode,
    )
    client = F5RestClient(**module.params)
    try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/lib/ansible/modules/network/f5/bigip_firewall_dos_vector.py
+++ b/lib/ansible/modules/network/f5/bigip_firewall_dos_vector.py
@ -95,6 +95,7 @@ options:
      - When C(sip-malformed), configures the "sip-malformed" SIP Protocol Security vector.
      - When C(subscribe), configures the "SIP SUBSCRIBE Method" SIP Protocol Security vector.
      - When C(uri-limit), configures the "uri-limit" SIP Protocol Security vector.
    type: str
    choices:
      - ext-hdr-too-large
      - hop-cnt-low
@ -157,6 +158,7 @@ options:
      - Vectors can be managed in either DoS Profiles, or Device Configuration. By
        specifying a profile of 'device-config', this module will specifically tailor
        configuration of the provided vectors to the Device Configuration.
    type: str
    required: True
  auto_blacklist:
    description:
@ -179,6 +181,7 @@ options:
        specified.
      - To set no hard limit and allow automatic thresholds to manage all rate limiting,
        set this to C(infinite).
    type: str
  attack_floor:
    description:
      - Specifies packets per second to identify an attack.
@ -187,6 +190,7 @@ options:
      - As the automatic detection thresholds adjust to traffic and CPU usage on the
        system over time, this attack floor becomes less relevant.
      - This value may not exceed the value in C(attack_floor).
    type: str
  allow_advertisement:
    description:
      - Specifies that addresses that are identified for blacklisting are advertised to
@ -201,28 +205,34 @@ options:
  blacklist_detection_seconds:
    description:
      - Detection, in seconds, before blacklisting occurs.
    type: int
  blacklist_duration:
    description:
      - Duration, in seconds, that the blacklist will last.
    type: int
  per_source_ip_detection_threshold:
    description:
      - Specifies the number of packets per second to identify an IP address as a bad
        actor.
    type: str
  per_source_ip_mitigation_threshold:
    description:
      - Specifies the rate limit applied to a source IP that is identified as a bad
        actor.
    type: str
  detection_threshold_percent:
    description:
      - Lists the threshold percent increase over time that the system must detect in
        traffic in order to detect this attack.
      - The C(tcp-half-open) vector does not support this parameter.
    type: str
    aliases:
      - rate_increase
  detection_threshold_eps:
    description:
      - Lists how many packets per second the system must discover in traffic in order
        to detect this attack.
    type: str
    aliases:
      - rate_threshold
  mitigation_threshold_eps:
@ -230,6 +240,7 @@ options:
      - Specify the maximum number of this type of packet per second the system allows
        for a vector.
      - The system drops packets once the traffic level exceeds the rate limit.
    type: str
    aliases:
      - rate_limit
  threshold_mode:
@ -240,6 +251,7 @@ options:
        for this parameter.
      - The C(sip-malformed) vector does not support C(fully-automatic), or C(stress-based-mitigation)
        for this parameter.
    type: str
    choices:
      - manual
      - stress-based-mitigation
@ -254,6 +266,7 @@ options:
        and thresholds, but is still tracked in logs and statistics.
      - When C(state) is C(learn-only), ensures that the vector does not "detect" any attacks.
        Only learning and stat collecting is performed.
    type: str
    choices:
      - mitigate
      - detect-only
@ -263,6 +276,7 @@ options:
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
 extends_documentation_fragment: f5
 requirements:
@ -374,22 +388,16 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import fq_name
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.common import transform_name
    from library.module_utils.network.f5.common import flatten_boolean
 except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import fq_name
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.common import transform_name
    from ansible.module_utils.network.f5.common import flatten_boolean
@ -740,7 +748,7 @@ class Difference(object):
 class BaseManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        # A list of all the vectors queried from the API when reading current info
        # from the device. This is used when updating the API as the value that needs
@ -1287,16 +1295,12 @@ def main():
        supports_check_mode=spec.supports_check_mode,
    )
    client = F5RestClient(**module.params)
    try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/lib/ansible/modules/network/f5/bigip_firewall_global_rules.py
+++ b/lib/ansible/modules/network/f5/bigip_firewall_global_rules.py
@ -27,6 +27,7 @@ options:
    description:
      - Specifies an enforced firewall policy.
      - C(enforced_policy) rules are enforced globally.
    type: str
  service_policy:
    description:
      - Specifies a service policy that would apply to traffic globally.
@ -39,15 +40,18 @@ options:
        policy setting at the global level.
      - The service policy associated here can be created using the
        C(bigip_service_policy) module.
    type: str
  staged_policy:
    description:
      - Specifies a staged firewall policy.
      - C(staged_policy) rules are not enforced while all the visibility
        aspects namely statistics, reporting and logging function as if
        the staged-policy rules were enforced globally.
    type: str
  description:
    description:
      - Description for the global list of firewall rules.
    type: str
 extends_documentation_fragment: f5
 author:
  - Tim Rupp (@caphrim007)
@ -93,21 +97,15 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import fq_name
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.compare import cmp_str_with_none
 except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import fq_name
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.compare import cmp_str_with_none
@ -243,7 +241,7 @@ class Difference(object):
 class ModuleManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        self.want = ModuleParameters(params=self.module.params)
        self.have = ApiParameters()
        self.changes = UsableChanges()
@ -371,16 +369,12 @@ def main():
        supports_check_mode=spec.supports_check_mode,
    )
    client = F5RestClient(**module.params)
    try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/lib/ansible/modules/network/f5/bigip_firewall_policy.py
+++ b/lib/ansible/modules/network/f5/bigip_firewall_policy.py
@ -23,16 +23,19 @@ options:
  name:
    description:
      - The name of the policy to create.
    type: str
    required: True
  description:
    description:
      - The description to attach to the policy.
      - This parameter is only supported on versions of BIG-IP >= 12.1.0. On earlier
        versions it will simply be ignored.
    type: str
  state:
    description:
      - When C(state) is C(present), ensures that the policy exists.
      - When C(state) is C(absent), ensures that the policy is removed.
    type: str
    choices:
      - present
      - absent
@ -48,9 +51,11 @@ options:
        configuration for these rules.
      - The C(bigip_firewall_rule) module can be used to also create, as well as
        edit, existing and new rules.
    type: list
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
 extends_documentation_fragment: f5
 author:
@ -92,19 +97,13 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import transform_name
 except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import transform_name
@ -206,7 +205,7 @@ class Difference(object):
 class ModuleManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        self.want = ModuleParameters(params=self.module.params)
        self.have = ApiParameters()
        self.changes = UsableChanges()
@ -521,16 +520,12 @@ def main():
        supports_check_mode=spec.supports_check_mode,
    )
    client = F5RestClient(**module.params)
    try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/lib/ansible/modules/network/f5/bigip_firewall_port_list.py
+++ b/lib/ansible/modules/network/f5/bigip_firewall_port_list.py
@ -24,37 +24,44 @@ options:
  name:
    description:
      - Specifies the name of the port list.
    type: str
    required: True
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
  description:
    description:
      - Description of the port list
    type: str
  ports:
    description:
      - Simple list of port values to add to the list
    type: list
  port_ranges:
    description:
      - A list of port ranges where the range starts with a port number, is followed
        by a dash (-) and then a second number.
      - If the first number is greater than the second number, the numbers will be
        reversed so-as to be properly formatted. ie, 90-78 would become 78-90.
    type: list
  port_lists:
    description:
      - Simple list of existing port lists to add to this list. Port lists can be
        specified in either their fully qualified name (/Common/foo) or their short
        name (foo). If a short name is used, the C(partition) argument will automatically
        be prepended to the short name.
    type: list
  state:
    description:
      - When C(present), ensures that the address list and entries exists.
      - When C(absent), ensures the address list is removed.
-    default: present
+    type: str
    choices:
      - present
      - absent
    default: present
 extends_documentation_fragment: f5
 author:
  - Tim Rupp (@caphrim007)
@ -172,23 +179,17 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import fq_name
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import transform_name
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.icontrol import module_provisioned
 except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import fq_name
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import transform_name
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.icontrol import module_provisioned
@ -413,7 +414,7 @@ class Difference(object):
 class ModuleManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        self.want = ModuleParameters(params=self.module.params)
        self.have = ApiParameters()
        self.changes = UsableChanges()
@ -632,16 +633,12 @@ def main():
        supports_check_mode=spec.supports_check_mode
    )
    client = F5RestClient(**module.params)
    try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/lib/ansible/modules/network/f5/bigip_firewall_rule.py
+++ b/lib/ansible/modules/network/f5/bigip_firewall_rule.py
@ -26,15 +26,18 @@ options:
  name:
    description:
      - Specifies the name of the rule.
    type: str
    required: True
  parent_policy:
    description:
      - The policy which contains the rule to be managed.
      - One of either C(parent_policy) or C(parent_rule_list) is required.
    type: str
  parent_rule_list:
    description:
      - The rule list which contains the rule to be managed.
      - One of either C(parent_policy) or C(parent_rule_list) is required.
    type: str
  action:
    description:
      - Specifies the action for the firewall rule.
@ -56,6 +59,7 @@ options:
        or self IP firewall rule, then Accept Decisively is equivalent to Accept.
      - When creating a new rule, if this parameter is not provided, the default is
        C(reject).
    type: str
    choices:
      - accept
      - drop
@ -71,6 +75,7 @@ options:
        according to the specified schedule.
      - When creating a new rule, if this parameter is not provided, the default
        is C(enabled).
    type: str
    choices:
      - enabled
      - disabled
@ -80,19 +85,23 @@ options:
      - Specifies a schedule for the firewall rule.
      - You configure schedules to define days and times when the firewall rule is
        made active.
    type: str
  description:
    description:
      - The rule description.
    type: str
  irule:
    description:
-      - Specifies an iRule that is applied to the rule.
+      - Specifies an iRule that is applied to the firewall rule.
      - An iRule can be started when the firewall rule matches traffic.
    type: str
  protocol:
    description:
      - Specifies the protocol to which the rule applies.
      - Protocols may be specified by either their name or numeric value.
      - A special protocol value C(any) can be specified to match any protocol. The
        numeric equivalent of this protocol is C(255).
    type: str
  source:
    description:
      - Specifies packet sources to which the rule applies.
@ -105,29 +114,42 @@ options:
      address:
        description:
          - Specifies a specific IP address.
        type: str
      address_list:
        description:
          - Specifies an existing address list.
        type: str
      address_range:
        description:
          - Specifies an address range.
        type: str
      country:
        description:
          - Specifies a country code.
        type: str
      port:
        description:
          - Specifies a single numeric port.
          - This option is only valid when C(protocol) is C(tcp)(6) or C(udp)(17).
        type: int
      port_list:
        description:
          - Specifes an existing port list.
          - This option is only valid when C(protocol) is C(tcp)(6) or C(udp)(17).
        type: str
      port_range:
        description:
          - Specifies a range of ports, which is two port values separated by
            a hyphen. The port to the left of the hyphen should be less than the
            port to the right.
          - This option is only valid when C(protocol) is C(tcp)(6) or C(udp)(17).
        type: str
      vlan:
        description:
          - Specifies VLANs to which the rule applies.
          - The VLAN source refers to the packet's source.
        type: str
    type: list
  destination:
    description:
      - Specifies packet destinations to which the rule applies.
@ -140,29 +162,37 @@ options:
      address:
        description:
          - Specifies a specific IP address.
        type: str
      address_list:
        description:
          - Specifies an existing address list.
        type: str
      address_range:
        description:
          - Specifies an address range.
        type: str
      country:
        description:
          - Specifies a country code.
        type: str
      port:
        description:
          - Specifies a single numeric port.
          - This option is only valid when C(protocol) is C(tcp)(6) or C(udp)(17).
        type: int
      port_list:
        description:
          - Specifes an existing port list.
          - This option is only valid when C(protocol) is C(tcp)(6) or C(udp)(17).
        type: str
      port_range:
        description:
          - Specifies a range of ports, which is two port values separated by
            a hyphen. The port to the left of the hyphen should be less than the
            port to the right.
          - This option is only valid when C(protocol) is C(tcp)(6) or C(udp)(17).
        type: str
    type: list
  logging:
    description:
      - Specifies whether logging is enabled or disabled for the firewall rule.
@ -175,6 +205,7 @@ options:
      - This parameter is mutually exclusive with many of the other individual-rule
        specific settings. This includes C(logging), C(action), C(source),
        C(destination), C(irule'), C(protocol) and C(logging).
    type: str
  icmp_message:
    description:
      - Specifies the Internet Control Message Protocol (ICMP) or ICMPv6 message
@ -191,6 +222,7 @@ options:
          - You can also specify an arbitrary ICMP message.
          - The ICMP protocol contains definitions for the existing message type and
            number pairs.
        type: str
      code:
        description:
          - Specifies the code returned in response to the specified ICMP message type.
@ -202,14 +234,18 @@ options:
          - You can also specify an arbitrary code.
          - The ICMP protocol contains definitions for the existing message code and
            number pairs.
        type: str
    type: list
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
  state:
    description:
      - When C(state) is C(present), ensures that the rule exists.
      - When C(state) is C(absent), ensures that the rule is removed.
    type: str
    choices:
      - present
      - absent
@ -217,6 +253,7 @@ options:
 extends_documentation_fragment: f5
 author:
  - Tim Rupp (@caphrim007)
  - Wojciech Wypior (@wojtek0806)
 '''
 EXAMPLES = r'''
@ -281,16 +318,164 @@ EXAMPLES = r'''
 '''
 RETURN = r'''
-param1:
+name:
-  description: The new param1 value of the resource.
+  description: Name of the rule.
  returned: changed
  type: bool
  sample: true
 param2:
  description: The new param2 value of the resource.
  returned: changed
  type: str
-  sample: Foo is bar
+  sample: FooRule
 parent_policy:
  description: The policy which contains the rule to be managed.
  returned: changed
  type: str
  sample: FooPolicy
 parent_rule_list:
  description: The rule list which contains the rule to be managed.
  returned: changed
  type: str
  sample: FooRuleList
 action:
  description: The action for the firewall rule.
  returned: changed
  type: str
  sample: drop
 status:
  description: The activity state of the rule or rule list.
  returned: changed
  type: str
  sample: scheduled
 schedule:
  description: The schedule for the firewall rule.
  returned: changed
  type: str
  sample: Foo_schedule
 description:
  description: The rule description.
  returned: changed
  type: str
  sample: MyRule
 irule:
  description: The iRule that is applied to the firewall rule.
  returned: changed
  type: str
  sample: _sys_auth_radius
 protocol:
  description: The protocol to which the rule applies.
  returned: changed
  type: str
  sample: any
 source:
  description: The packet sources to which the rule applies
  returned: changed
  type: complex
  contains:
    address:
      description: A specific IP address.
      returned: changed
      type: str
      sample: 192.168.1.1
    address_list:
      description: An existing address list.
      returned: changed
      type: str
      sample: foo-list1
    address_range:
      description: The address range.
      returned: changed
      type: str
      sample: 1.1.1.1-2.2.2.2
    country:
      description: A country code.
      returned: changed
      type: str
      sample: US
    port:
      description: Single numeric port.
      returned: changed
      type: int
      sample: 8080
    port_list:
      description: An existing port list.
      returned: changed
      type: str
      sample: port-list1
    port_range:
      description: The port range.
      returned: changed
      type: str
      sample: 80-443
    vlan:
      description: Source VLANs for the packets.
      returned: changed
      type: str
      sample: vlan1
  sample: hash/dictionary of values
 destination:
  description: The packet destinations to which the rule applies.
  returned: changed
  type: complex
  contains:
    address:
      description: A specific IP address.
      returned: changed
      type: str
      sample: 192.168.1.1
    address_list:
      description: An existing address list.
      returned: changed
      type: str
      sample: foo-list1
    address_range:
      description: The address range.
      returned: changed
      type: str
      sample: 1.1.1.1-2.2.2.2
    country:
      description: A country code.
      returned: changed
      type: str
      sample: US
    port:
      description: Single numeric port.
      returned: changed
      type: int
      sample: 8080
    port_list:
      description: An existing port list.
      returned: changed
      type: str
      sample: port-list1
    port_range:
      description: The port range.
      returned: changed
      type: str
      sample: 80-443
  sample: hash/dictionary of values
 logging:
  description: Enable or Disable logging for the firewall rule.
  returned: changed
  type: bool
  sample: yes
 rule_list:
  description: An existing rule list to use in the rule.
  returned: changed
  type: str
  sample: rule-list-1
 icmp_message:
  description: The (ICMP) or ICMPv6 message C(type) and C(code) that the rule uses.
  returned: changed
  type: complex
  contains:
    type:
      description: The type of ICMP message.
      returned: changed
      type: str
      sample: 0
    code:
      description: The code returned in response to the specified ICMP message type.
      returned: changed
      type: str
      sample: 1
  sample: hash/dictionary of values
 '''
 from ansible.module_utils.basic import AnsibleModule
@ -300,24 +485,16 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import fq_name
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.common import transform_name
    from library.module_utils.network.f5.common import fq_name
 except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import fq_name
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.common import transform_name
    from ansible.module_utils.network.f5.common import fq_name
 class Parameters(AnsibleF5Parameters):
@ -752,7 +929,7 @@ class Difference(object):
 class ModuleManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        self.want = ModuleParameters(params=self.module.params)
        self.have = ApiParameters()
        self.changes = UsableChanges()
@ -1102,16 +1279,12 @@ def main():
        required_one_of=spec.required_one_of
    )
    client = F5RestClient(**module.params)
    try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/lib/ansible/modules/network/f5/bigip_firewall_rule_list.py
+++ b/lib/ansible/modules/network/f5/bigip_firewall_rule_list.py
@ -23,16 +23,19 @@ options:
  name:
    description:
      - The name of the policy to create.
    type: str
    required: True
  description:
    description:
      - The description to attach to the policy.
      - This parameter is only supported on versions of BIG-IP >= 12.1.0. On earlier
        versions it will simply be ignored.
    type: str
  state:
    description:
      - When C(state) is C(present), ensures that the rule list exists.
      - When C(state) is C(absent), ensures that the rule list is removed.
    type: str
    choices:
      - present
      - absent
@ -48,9 +51,11 @@ options:
        configuration for these rules.
      - The C(bigip_firewall_rule) module can be used to also create, as well as
        edit, existing and new rules.
    type: list
  partition:
    description:
      - Device partition to manage resources on.
    type: str
    default: Common
 extends_documentation_fragment: f5
 author:
@ -92,19 +97,13 @@ try:
    from library.module_utils.network.f5.bigip import F5RestClient
    from library.module_utils.network.f5.common import F5ModuleError
    from library.module_utils.network.f5.common import AnsibleF5Parameters
    from library.module_utils.network.f5.common import cleanup_tokens
    from library.module_utils.network.f5.common import f5_argument_spec
    from library.module_utils.network.f5.common import fail_json
    from library.module_utils.network.f5.common import exit_json
    from library.module_utils.network.f5.common import transform_name
 except ImportError:
    from ansible.module_utils.network.f5.bigip import F5RestClient
    from ansible.module_utils.network.f5.common import F5ModuleError
    from ansible.module_utils.network.f5.common import AnsibleF5Parameters
    from ansible.module_utils.network.f5.common import cleanup_tokens
    from ansible.module_utils.network.f5.common import f5_argument_spec
    from ansible.module_utils.network.f5.common import fail_json
    from ansible.module_utils.network.f5.common import exit_json
    from ansible.module_utils.network.f5.common import transform_name
@ -206,7 +205,7 @@ class Difference(object):
 class ModuleManager(object):
    def __init__(self, *args, **kwargs):
        self.module = kwargs.get('module', None)
-        self.client = kwargs.get('client', None)
+        self.client = F5RestClient(**self.module.params)
        self.want = ModuleParameters(params=self.module.params)
        self.have = ApiParameters()
        self.changes = UsableChanges()
@ -521,16 +520,12 @@ def main():
        supports_check_mode=spec.supports_check_mode,
    )
    client = F5RestClient(**module.params)
    try:
-        mm = ModuleManager(module=module, client=client)
+        mm = ModuleManager(module=module)
        results = mm.exec_module()
-        cleanup_tokens(client)
+        module.exit_json(**results)
        exit_json(module, results, client)
    except F5ModuleError as ex:
-        cleanup_tokens(client)
+        module.fail_json(msg=str(ex))
        fail_json(module, ex, client)
 if __name__ == '__main__':
--- a/test/units/modules/network/f5/test_bigip_dns_cache_resolver.py
+++ b/test/units/modules/network/f5/test_bigip_dns_cache_resolver.py
@ -93,9 +93,11 @@ class TestManager(unittest.TestCase):
            name='foo',
            route_domain=20,
            partition='Common',
-            server='localhost',
+            provider=dict(
-            password='password',
+                server='localhost',
-            user='admin'
+                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(
--- a/test/units/modules/network/f5/test_bigip_dns_nameserver.py
+++ b/test/units/modules/network/f5/test_bigip_dns_nameserver.py
@ -106,9 +106,11 @@ class TestManager(unittest.TestCase):
            route_domain=20,
            tsig_key='key1',
            partition='Common',
-            server='localhost',
+            provider=dict(
-            password='password',
+                server='localhost',
-            user='admin'
+                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(
--- a/test/units/modules/network/f5/test_bigip_dns_resolver.py
+++ b/test/units/modules/network/f5/test_bigip_dns_resolver.py
@ -104,9 +104,11 @@ class TestManager(unittest.TestCase):
        # Configure the arguments that would be sent to the Ansible module
        set_module_args(dict(
            name='foo',
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(
--- a/test/units/modules/network/f5/test_bigip_dns_zone.py
+++ b/test/units/modules/network/f5/test_bigip_dns_zone.py
@ -108,9 +108,11 @@ class TestManager(unittest.TestCase):
        # Configure the arguments that would be sent to the Ansible module
        set_module_args(dict(
            name='foo',
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(
--- a/test/units/modules/network/f5/test_bigip_file_copy.py
+++ b/test/units/modules/network/f5/test_bigip_file_copy.py
@ -95,14 +95,17 @@ class TestManager(unittest.TestCase):
        set_module_args(dict(
            name='foo',
            source='file.txt',
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(
            argument_spec=self.spec.argument_spec,
-            supports_check_mode=self.spec.supports_check_mode
+            supports_check_mode=self.spec.supports_check_mode,
            required_if=self.spec.required_if
        )
        tm = IFileManager(module=module)
--- a/test/units/modules/network/f5/test_bigip_firewall_address_list.py
+++ b/test/units/modules/network/f5/test_bigip_firewall_address_list.py
@ -113,9 +113,11 @@ class TestManager(unittest.TestCase):
                dict(country='EU')
            ],
            fqdns=['google.com', 'mit.edu'],
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(
--- a/test/units/modules/network/f5/test_bigip_firewall_dos_profile.py
+++ b/test/units/modules/network/f5/test_bigip_firewall_dos_profile.py
@ -91,9 +91,11 @@ class TestManager(unittest.TestCase):
            description='this is a description',
            threshold_sensitivity='low',
            default_whitelist='whitelist1',
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(
--- a/test/units/modules/network/f5/test_bigip_firewall_dos_vector.py
+++ b/test/units/modules/network/f5/test_bigip_firewall_dos_vector.py
@ -88,9 +88,11 @@ class TestManager(unittest.TestCase):
            name='aaaa',
            state='mitigate',
            profile='foo',
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(
--- a/test/units/modules/network/f5/test_bigip_firewall_global_rules.py
+++ b/test/units/modules/network/f5/test_bigip_firewall_global_rules.py
@ -93,9 +93,11 @@ class TestUntypedManager(unittest.TestCase):
            enforced_policy='enforced1',
            staged_policy='staged1',
            service_policy='service1',
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(
--- a/test/units/modules/network/f5/test_bigip_firewall_policy.py
+++ b/test/units/modules/network/f5/test_bigip_firewall_policy.py
@ -96,9 +96,11 @@ class TestManager(unittest.TestCase):
            name='foo',
            description='this is a description',
            rules=['rule1', 'rule2', 'rule3'],
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(
--- a/test/units/modules/network/f5/test_bigip_firewall_port_list.py
+++ b/test/units/modules/network/f5/test_bigip_firewall_port_list.py
@ -117,9 +117,11 @@ class TestManager(unittest.TestCase):
            ports=[1, 2, 3, 4],
            port_ranges=['10-20', '30-40', '50-60'],
            port_lists=['/Common/foo', 'foo'],
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(
--- a/test/units/modules/network/f5/test_bigip_firewall_rule.py
+++ b/test/units/modules/network/f5/test_bigip_firewall_rule.py
@ -136,11 +136,18 @@ class TestManager(unittest.TestCase):
            irule='irule1',
            action='accept',
            logging='yes',
            provider=dict(
                server='localhost',
                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(
            argument_spec=self.spec.argument_spec,
-            supports_check_mode=self.spec.supports_check_mode
+            supports_check_mode=self.spec.supports_check_mode,
            mutually_exclusive=self.spec.mutually_exclusive,
            required_one_of=self.spec.required_one_of
        )
        # Override methods in the specific type of manager
--- a/test/units/modules/network/f5/test_bigip_firewall_rule_list.py
+++ b/test/units/modules/network/f5/test_bigip_firewall_rule_list.py
@ -88,9 +88,11 @@ class TestManager(unittest.TestCase):
            name='foo',
            description='this is a description',
            rules=['rule1', 'rule2', 'rule3'],
-            password='password',
+            provider=dict(
-            server='localhost',
+                server='localhost',
-            user='admin'
+                password='password',
                user='admin'
            )
        ))
        module = AnsibleModule(