/ home / ansible / ansible.builtin / v2.9.26 / module / na_ontap_user

ansible.builtin.na_ontap_user (v2.9.26) — module

NetApp ONTAP user configuration and management

| "added in version" 2.6 of ansible.builtin"

Authors: NetApp Ansible Team (@carchi8py) <ng-ansibleteam@netapp.com>

preview | supported by certified

Install Ansible via `pip`

Install with pip install ansible==2.9.26

Description

Create or destroy users.

Requirements

A physical or virtual clustered Data ONTAP system. The modules support Data ONTAP 9.1 and onward.
REST support requires ONTAP 9.6 or later.
Ansible 2.6
Ansible 2.9 or later is strongly recommended as it enables the new collection delivery system.
Python2 netapp-lib (2017.10.30) or later. Install using 'pip install netapp-lib'
Python3 netapp-lib (2018.11.13) or later. Install using 'pip install netapp-lib'
netapp-lib 2020.3.12 is strongly recommended as it provides better error reporting for connection issues.
To enable http on the cluster you must run the following commands 'set -privilege advanced;' 'system services web modify -http-enabled true;'

Usage examples

Scanned by Steampunk Spotter


    - name: Create User
      na_ontap_user:
        state: present
        name: SampleUser
        applications: ssh,console
        authentication_method: password
        set_password: apn1242183u1298u41
        lock_user: True
        role_name: vsadmin
        vserver: ansibleVServer
        hostname: "{{ netapp_hostname }}"
        username: "{{ netapp_username }}"
        password: "{{ netapp_password }}"

Scanned by Steampunk Spotter

    - name: Delete User
      na_ontap_user:
        state: absent
        name: SampleUser
        applications: ssh
        authentication_method: password
        vserver: ansibleVServer
        hostname: "{{ netapp_hostname }}"
        username: "{{ netapp_username }}"
        password: "{{ netapp_password }}"

Inputs

name:
description:
- The name of the user to manage.
required: true

https:
default: false
description:
- Enable and disable https.
- Ignored when using REST as only https is supported.
- Ignored when using SSL certificate authentication as it requires SSL.
type: bool

state:
choices:
- present
- absent
default: present
description:
- Whether the specified user should exist or not.

ontapi:
description:
- The ontap api version to use
type: int

vserver:
description:
- The name of the vserver to use.
required: true

hostname:
description:
- The hostname or IP address of the ONTAP instance.
required: true
type: str

password:
aliases:
- pass
description:
- Password for the specified user.
type: str

use_rest:
choices:
- Never
- Always
- Auto
default: Auto
description:
- REST API if supported by the target system for all the resources and attributes
the module requires. Otherwise will revert to ZAPI.
- Always -- will always use the REST API
- Never -- will always use the ZAPI
- Auto -- will try to use the REST Api
type: str

username:
aliases:
- user
description:
- This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level
or SVM-level API is required.
- For more information, please read the documentation U(https://mysupport.netapp.com/NOW/download/software/nmsdk/9.4/).
- Two authentication methods are supported
- 1. basic authentication, using username and password,
- 2. SSL certificate authentication, using a ssl client cert file, and optionally
a private key file.
- To use a certificate, the certificate must have been installed in the ONTAP cluster,
and cert authentication must have been enabled.
type: str

http_port:
description:
- Override the default port (80 or 443) with this port
type: int

lock_user:
description:
- Whether the specified user account is locked.
type: bool

role_name:
description:
- The name of the role. Required when C(state=present)

applications:
aliases:
- application
choices:
- console
- http
- ontapi
- rsh
- snmp
- service-processor
- sp
- ssh
- telnet
description:
- List of application to grant access to.
required: true
type: list

key_filepath:
description:
- path to SSL client key file.
type: str
version_added: 20.6.0
version_added_collection: netapp.ontap

set_password:
description:
- Password for the user account.
- It is ignored for creating snmp users, but is required for creating non-snmp users.
- For an existing user, this value will be used as the new password.

cert_filepath:
description:
- path to SSL client cert file (.pem).
- not supported with python 2.6.
type: str
version_added: 20.6.0
version_added_collection: netapp.ontap

feature_flags:
description:
- Enable or disable a new feature.
- This can be used to enable an experimental feature or disable a new feature that
breaks backward compatibility.
- Supported keys and values are subject to change without notice. Unknown keys are
ignored.
type: dict
version_added: 20.5.0
version_added_collection: netapp.ontap

validate_certs:
default: true
description:
- If set to C(no), the SSL certificates will not be validated.
- This should only set to C(False) used on personally controlled sites using self-signed
certificates.
type: bool

authentication_method:
choices:
- community
- password
- publickey
- domain
- nsswitch
- usm
- cert
description:
- Authentication method for the application.
- Not all authentication methods are valid for an application.
- Valid authentication methods for each application are as denoted in I(authentication_choices_description).
- Password for console application
- Password, domain, nsswitch, cert for http application.
- Password, domain, nsswitch, cert for ontapi application.
- Community for snmp application (when creating SNMPv1 and SNMPv2 users).
- The usm and community for snmp application (when creating SNMPv3 users).
- Password for sp application.
- Password for rsh application.
- Password for telnet application.
- Password, publickey, domain, nsswitch for ssh application.
required: true

Install Ansible via pip

Description

Requirements

Usage examples

Inputs

Install Ansible via `pip`