community.network.avi_authprofile – Module for setup of AuthProfile Avi RESTful Object
community.network.avi_authprofile – Module for setup of AuthProfile Avi RESTful Object
Note
This plugin is part of the community.network collection (version 1.3.0).
To install it use: ansible-galaxy collection install community.network
.
To use it in a playbook, specify: community.network.avi_authprofile
.
Synopsis
- This module is used to configure AuthProfile object
- more examples at https://github.com/avinetworks/devops
Requirements
The below requirements are needed on the host that executes this module.
- avisdk
Parameters
Parameter | Choices/Defaults | Comments | |
---|---|---|---|
api_context dictionary |
Avi API context that includes current session ID and CSRF Token. This allows user to perform single login and re-use the session. | ||
api_version string |
Default: "16.4.4" |
Avi API version of to use for Avi API and objects. | |
avi_api_patch_op string |
|
Patch operation to use when using avi_api_update_method as patch. | |
avi_api_update_method string |
|
Default method for object update is HTTP PUT. Setting to patch will override that behavior to use HTTP PATCH. | |
avi_credentials dictionary |
Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details. | ||
api_version string |
Default: "16.4.4" |
Avi controller version | |
controller string |
Avi controller IP or SQDN | ||
csrftoken string |
Avi controller API csrftoken to reuse existing session with session id | ||
password string |
Avi controller password | ||
port string |
Avi controller port | ||
session_id string |
Avi controller API session id to reuse existing session with csrftoken | ||
tenant string |
Default: "admin" |
Avi controller tenant | |
tenant_uuid string |
Avi controller tenant UUID | ||
timeout string |
Default: 300 |
Avi controller request timeout | |
token string |
Avi controller API token | ||
username string |
Avi controller username | ||
avi_disable_session_cache_as_fact boolean |
|
It disables avi session information to be cached as a fact. | |
controller string |
Default: "" |
IP address or hostname of the controller. The default value is the environment variable | |
description string |
User defined description for the object. | ||
http string |
Http user authentication params. | ||
ldap string |
Ldap server and directory settings. | ||
name string / required |
Name of the auth profile. | ||
pa_agent_ref string |
Pingaccessagent uuid. It is a reference to an object of type pingaccessagent. Field introduced in 18.2.3. | ||
password string |
Default: "" |
Password of Avi user in Avi controller. The default value is the environment variable | |
saml string |
Saml settings. Field introduced in 17.2.3. | ||
state string |
|
The state that should be applied on the entity. | |
tacacs_plus string |
Tacacs+ settings. | ||
tenant string |
Default: "admin" |
Name of tenant used for all Avi API calls and context of object. | |
tenant_ref string |
It is a reference to an object of type tenant. | ||
tenant_uuid string |
Default: "" |
UUID of tenant used for all Avi API calls and context of object. | |
type string / required |
Type of the auth profile. Enum options - AUTH_PROFILE_LDAP, AUTH_PROFILE_TACACS_PLUS, AUTH_PROFILE_SAML, AUTH_PROFILE_PINGACCESS. | ||
url string |
Avi controller URL of the object. | ||
username string |
Default: "" |
Username used for accessing Avi controller. The default value is the environment variable | |
uuid string |
Uuid of the auth profile. |
Notes
Note
- For more information on using Ansible to manage Avi Network devices see https://www.ansible.com/ansible-avi-networks.
Examples
- name: Create user authorization profile based on the LDAP
community.network.avi_authprofile:
controller: '{{ controller }}'
password: '{{ password }}'
username: '{{ username }}'
http:
cache_expiration_time: 5
group_member_is_full_dn: false
ldap:
base_dn: dc=avi,dc=local
bind_as_administrator: true
port: 389
security_mode: AUTH_LDAP_SECURE_NONE
server:
- 10.10.0.100
settings:
admin_bind_dn: [email protected]
group_filter: (objectClass=*)
group_member_attribute: member
group_member_is_full_dn: true
group_search_dn: dc=avi,dc=local
group_search_scope: AUTH_LDAP_SCOPE_SUBTREE
ignore_referrals: true
password: password
user_id_attribute: samAccountname
user_search_dn: dc=avi,dc=local
user_search_scope: AUTH_LDAP_SCOPE_ONE
name: ProdAuth
tenant_ref: admin
type: AUTH_PROFILE_LDAP
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
obj dictionary |
success, changed |
AuthProfile (api/authprofile) object
|
Authors
- Gaurav Rastogi (@grastogi23) <[email protected]>
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/community/network/avi_authprofile_module.html