arubanetworks / arubanetworks.aos_switch / 1.7.0 / module / arubaoss_aaa_authentication implements rest api for AAA Authentication configuration | "added in version" 2.4.0 of arubanetworks.aos_switch" Authors: Sanju Sadanandan (@hpe) preview | supported by communityarubanetworks.aos_switch.arubaoss_aaa_authentication (1.7.0) — module
Install with ansible-galaxy collection install arubanetworks.aos_switch:==1.7.0
collections: - name: arubanetworks.aos_switch version: 1.7.0
This implements rest apis which can be used to configure authentication
- name: aaa authentication login privilege-mode arubaoss_aaa_authentication: command: config_authentication
- name: aaa authentication console login tacacs arubaoss_aaa_authentication: command: config_authentication_console primary_method: PAM_TACACS secondary_method: SAM_LOCAL
- name: aaa authentication ssh login tacacs arubaoss_aaa_authentication: command: config_authentication_ssh primary_method: PAM_TACACS secondary_method: SAM_LOCAL
- name: Create Authentication local user plaintext password arubaoss_aaa_authentication: command: config_authentication_local_user group_name: "Level-15" local_user_name: "ARUBA" password_type: "PET_PLAIN_TEXT" user_password: "ArubaR0Cks!"
- name: Create Authentication local user sha256 arubaoss_aaa_authentication: command: config_authentication_local_user group_name: "super" local_user_name: "ARUBA" password_type: "PET_SHA256" user_password: "1c6976e5b5410115bde308bd4dee15dfb167a9c873fc4bb8a81f6f2ab478a918"
- name: Create Authentication local user2 arubaoss_aaa_authentication: command: config_authentication_local_user group_name: "super" local_user_name: "user2" password_type: "PET_SHA1" user_password: "d033e22ae348aeb5660fc2140aec35850c4da997"
- name: update Authentication local user min_pwd_len, aging_period arubaoss_aaa_authentication: command: config_authentication_local_user local_user_name: "user1" min_pwd_len: 10 aging_period: 20
- name: Delete Authentication local user arubaoss_aaa_authentication: command: config_authentication_local_user local_user_name: "user1" config: "delete"
host: description: 'Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport. ' type: str port: description: 'Specifies the port to use when building the connection to the remote device. ' type: int command: choices: - config_authentication - config_authentication_console - config_authentication_ssh - config_authentication_local_user default: config_authentication description: Function name calls according to configuration required. config_authentication - To enable/disable privilaged mode, Specify that switch respects the authentication server's privilege level. config_authentication_console - Configure authentication mechanism used to control access to the switch console. config_authentication_ssh - Configure authentication mechanism used to control SSH access to the switch. config_authentication_local_user - Create or remove a local user account. required: false timeout: description: 'Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error. ' type: int use_ssl: description: 'Configures use SSL (HTTPS) for access to the remote device. ' type: bool password: description: 'Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_PASSWORD will be used instead. ' type: str provider: description: A dict object containing connection details. suboptions: api_version: default: None description: 'Configures (force) API version (vX.Y) for acces to the remote device. ' type: str host: description: 'Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport. ' type: str password: description: 'Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_PASSWORD will be used instead. ' type: str port: description: 'Specifies the port to use when building the connection to the remote device. ' type: int ssh_keyfile: description: 'Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_SSH_KEYFILE will be used instead. ' type: path timeout: description: 'Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error. ' type: int transport: default: aossapi description: 'Configures the transport (aossapi or network_cli) mode. ' type: str use_proxy: default: false description: 'Configures use (Local) Proxy for access to the remote device. ' type: bool use_ssl: description: 'Configures use SSL (HTTPS) for access to the remote device. ' type: bool username: description: 'Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_USERNAME will be used instead. ' type: str validate_certs: default: false description: 'Configures validation of certification for access to the remote device. ' type: bool type: dict username: description: 'Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_USERNAME will be used instead. ' type: str group_name: description: Specify the group for a username. Used with config_authentication_local_user command. type: str api_version: default: None description: 'Configures (force) API version (vX.Y) for acces to the remote device. ' type: str min_pwd_len: default: 8 description: Configures the minimum password length for a user. Used with config_authentication_local_user command. type: int <1-64> ssh_keyfile: description: 'Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_SSH_KEYFILE will be used instead. ' type: path aging_period: default: 0 description: Configures the password aging time for a user. Used with config_authentication_local_user command. type: int password_type: choices: - PET_SHA1 - PET_PLAIN_TEXT - PET_SHA256 default: PET_SHA1 description: Specify the password type. Used with config_authentication_local_user command. required: false user_password: description: Specify the password. Used with config_authentication_local_user command. type: str primary_method: choices: - PAM_LOCAL - PAM_TACACS default: PAM_LOCAL description: The primary authentication method, used with config_authentication_console and config_authentication_ssh command. required: false validate_certs: default: false description: 'Configures validation of certification for access to the remote device. ' type: bool local_user_name: description: Create or remove a local user account. Used with config_authentication_local_user command. required: false type: str secondary_method: choices: - SAM_NONE - SAM_LOCAL default: SAM_NONE description: The secondary authentication method, used with config_authentication_console and config_authentication_ssh command. required: false