Try SpotterManage the collection of local users on VyOS device
| "added in version" 2.4 of ansible.builtin"
Authors: Trishna Guha (@trishnaguha)
preview | supported by network
pipInstall with pip install ansible==2.4.6.0.post1
This module provides declarative management of the local usernames configured on network devices. It allows playbooks to manage either individual usernames or the collection of usernames in the current running config. It also supports purging usernames from the configuration that are not explicitly defined.
- name: create a new user
vyos_user:
name: ansible
configured_password: password
state: present
- name: remove all users except admin
vyos_user:
purge: yes
- name: set multiple users to level operator
vyos_user:
aggregate:
- name: netop
- name: netend
level: operator
state: present
- name: Change Password for User netop
vyos_user:
name: netop
configured_password: "{{ new_password }}"
update_password: always
state: present
name:
description:
- The username to be configured on the VyOS device. This argument accepts a string
value and is mutually exclusive with the C(aggregate) argument. Please note that
this option is not same as C(provider username).
level:
description:
- The C(level) argument configures the level of the user when logged into the system.
This argument accepts string values admin or operator.
purge:
default: false
description:
- Instructs the module to consider the resource definition absolute. It will remove
any previously configured usernames on the device with the exception of the `admin`
user (the current defined set of users).
type: bool
state:
choices:
- present
- absent
default: present
description:
- Configures the state of the username definition as it relates to the device operational
configuration. When set to I(present), the username(s) should be configured in the
device active configuration and when set to I(absent) the username(s) should not
be in the device active configuration
aggregate:
description:
- The set of username objects to be configured on the remote VyOS device. The list
entries can either be the username or a hash of username and properties. This argument
is mutually exclusive with the C(name) argument. alias C(users).
full_name:
description:
- The C(full_name) argument provides the full name of the user account to be created
on the remote device. This argument accepts any text string value.
update_password:
choices:
- on_create
- always
default: always
description:
- Since passwords are encrypted in the device running config, this argument will instruct
the module when to change the password. When set to C(always), the password will
always be updated in the device and when set to C(on_create) the password will be
updated only if the username is created.
configured_password:
description:
- The password to be configured on the VyOS device. The password needs to be provided
in clear and it will be encrypted on the device. Please note that this option is
not same as C(provider password).
commands: description: The list of configuration mode commands to send to the device returned: always sample: - set system login user test level operator - set system login user authentication plaintext-password password type: list