utm_proxy_auth_profile – create, update or destroy reverse_proxy auth_profile entry in Sophos UTM
utm_proxy_auth_profile – create, update or destroy reverse_proxy auth_profile entry in Sophos UTM
New in version 2.8.
Synopsis
- Create, update or destroy a reverse_proxy auth_profile entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
|
aaa - / required |
List of references to utm_aaa objects (allowed users or groups) | |
|
backend_mode - |
|
Specifies if the backend server needs authentication ([Basic|None]) |
|
backend_strip_basic_auth boolean |
|
Should the login data be stripped when proxying the request to the backend host |
|
backend_user_prefix - |
Default: "" |
Prefix string to prepend to the username for backend authentication |
|
backend_user_suffix - |
Default: "" |
Suffix string to append to the username for backend authentication |
|
basic_prompt - / required |
The message in the basic authentication prompt | |
|
comment - |
Default: "" |
Optional comment string |
|
frontend_cookie - |
Frontend cookie name | |
|
frontend_cookie_secret - |
Frontend cookie secret | |
|
frontend_form - |
Frontend authentication form name | |
|
frontend_form_template - |
Default: "" |
Frontend authentication form template |
|
frontend_login - |
Frontend login name | |
|
frontend_logout - |
Frontend logout name | |
|
frontend_mode - |
|
Frontend authentication mode (Form|Basic) |
|
frontend_realm - |
Frontend authentication realm | |
|
frontend_session_allow_persistency boolean |
|
Allow session persistency |
|
frontend_session_lifetime - / required |
session lifetime | |
|
frontend_session_lifetime_limited boolean |
|
Specifies if limitation of session lifetime is active |
|
frontend_session_lifetime_scope - |
|
scope for frontend_session_lifetime (days|hours|minutes) |
|
frontend_session_timeout - / required |
session timeout | |
|
frontend_session_timeout_enabled boolean |
|
Specifies if session timeout is active |
|
frontend_session_timeout_scope - |
|
scope for frontend_session_timeout (days|hours|minutes) |
|
headers dictionary |
A dictionary of additional headers to be sent to POST and PUT requests. Is needed for some modules | |
|
logout_delegation_urls - |
Default: [] |
List of logout URLs that logouts are delegated to |
|
logout_mode - |
|
Mode of logout (None|Delegation) |
|
name - / required |
The name of the object. Will be used to identify the entry | |
|
redirect_to_requested_url boolean |
|
Should a redirect to the requested URL be made |
|
state string |
|
The desired state of the object.
|
|
utm_host string / required |
The REST Endpoint of the Sophos UTM. | |
|
utm_port integer |
Default: 4444 |
The port of the REST interface. |
|
utm_protocol string |
|
The protocol of the REST Endpoint. |
|
utm_token string / required |
The token used to identify at the REST-API. See https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en, Chapter 2.4.2. | |
|
validate_certs boolean |
|
Whether the REST interface's ssl certificate should be verified or not. |
Examples
- name: Create UTM proxy_auth_profile
utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
aaa: [REF_OBJECT_STRING,REF_ANOTHEROBJECT_STRING]
basic_prompt: "Authentication required: Please login"
frontend_session_lifetime: 1
frontend_session_timeout: 1
state: present
- name: Remove UTM proxy_auth_profile
utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
state: absent
- name: Read UTM proxy_auth_profile
utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
state: infoReturn Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | |
|---|---|---|---|
|
result complex |
success |
The utm object that was created
| |
|
_locked boolean |
Whether or not the object is currently locked
| ||
|
_ref string |
The reference name of the object
| ||
|
_type string |
The type of the object
| ||
|
aaa list |
List of references to utm_aaa objects (allowed users or groups)
| ||
|
backend_mode string |
Specifies if the backend server needs authentication ([Basic|None])
| ||
|
backend_strip_basic_auth boolean |
Should the login data be stripped when proxying the request to the backend host
| ||
|
backend_user_prefix string |
Prefix string to prepend to the username for backend authentication
| ||
|
backend_user_suffix string |
Suffix string to append to the username for backend authentication
| ||
|
basic_prompt string |
The message in the basic authentication prompt
| ||
|
comment string |
Optional comment string
| ||
|
frontend_cookie string |
Frontend cookie name
| ||
|
frontend_cookie_secret string |
Frontend cookie secret
| ||
|
frontend_form string |
Frontend authentication form name
| ||
|
frontend_form_template string |
Frontend authentication form template
| ||
|
frontend_login string |
Frontend login name
| ||
|
frontend_logout string |
Frontend logout name
| ||
|
frontend_mode string |
Frontend authentication mode (Form|Basic)
| ||
|
frontend_realm string |
Frontend authentication realm
| ||
|
frontend_session_allow_persistency boolean |
Allow session persistency
| ||
|
frontend_session_lifetime integer |
session lifetime
| ||
|
frontend_session_lifetime_limited boolean |
Specifies if limitation of session lifetime is active
| ||
|
frontend_session_lifetime_scope string |
scope for frontend_session_lifetime (days|hours|minutes)
| ||
|
frontend_session_timeout integer |
session timeout
| ||
|
frontend_session_timeout_enabled boolean |
Specifies if session timeout is active
| ||
|
frontend_session_timeout_scope string |
scope for frontend_session_timeout (days|hours|minutes)
| ||
|
logout_delegation_urls list |
List of logout URLs that logouts are delegated to
| ||
|
logout_mode string |
Mode of logout (None|Delegation)
| ||
|
name string |
The name of the object
| ||
|
redirect_to_requested_url boolean |
Should a redirect to the requested URL be made
|
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Stephan Schwarz (@stearz)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/utm_proxy_auth_profile_module.html
