Try Spotterimplements rest api for AAA Authorization configuration
| "added in version" 2.4.0 of arubanetworks.aos_switch"
Authors: Sanju Sadanandan (@hpe)
preview | supported by community
Install with ansible-galaxy collection install arubanetworks.aos_switch:==1.7.0
collections:
- name: arubanetworks.aos_switch
version: 1.7.0This implements rest apis which can be used to configure authorization
- name: Updates the given console authorization
configuration to the system
arubaoss_aaa_authorization:
authorization_method: "AZM_TACACS"
- name: Create Authorization group
arubaoss_aaa_authorization:
command: authorization_group
group_name: "cool"
seq_num: 500
match_cmd: "show running-config"
cmd_permission: "AZP_PERMIT"
is_log_enabled: "true"
- name: Create Authorization group
arubaoss_aaa_authorization:
command: authorization_group
group_name: "cool"
seq_num: 600
match_cmd: "show version"
cmd_permission: "AZP_DENY"
is_log_enabled: "false"
- name: Delete Authorization group
arubaoss_aaa_authorization:
command: authorization_group
group_name: "cool"
seq_num: 500
config: "delete"
host:
description: 'Specifies the DNS host name or address for connecting to the remote
device over the specified transport. The value of host is used as the destination
address for the transport.
'
type: str
port:
description: 'Specifies the port to use when building the connection to the remote
device.
'
type: int
config:
choices:
- create
- delete
description: To config or unconfig the required command
command:
choices:
- authorization_group
- authorization_method
default: authorization_method
description: To configure a specific feature on AAA authorization
required: false
seq_num:
description: The sequence number. <1-2147483647>
type: int
timeout:
description: 'Specifies the timeout in seconds for communicating with the network
device for either connecting or sending commands. If the timeout is exceeded before
the operation is completed, the module will error.
'
type: int
use_ssl:
description: 'Configures use SSL (HTTPS) for access to the remote device.
'
type: bool
password:
description: 'Specifies the password to use to authenticate the connection to the
remote device. This value is used to authenticate the SSH session. If the value
is not specified in the task, the value of environment variable ANSIBLE_NET_PASSWORD
will be used instead.
'
type: str
provider:
description: A dict object containing connection details.
suboptions:
api_version:
default: None
description: 'Configures (force) API version (vX.Y) for acces to the remote device.
'
type: str
host:
description: 'Specifies the DNS host name or address for connecting to the remote
device over the specified transport. The value of host is used as the destination
address for the transport.
'
type: str
password:
description: 'Specifies the password to use to authenticate the connection to
the remote device. This value is used to authenticate the SSH session. If the
value is not specified in the task, the value of environment variable ANSIBLE_NET_PASSWORD
will be used instead.
'
type: str
port:
description: 'Specifies the port to use when building the connection to the remote
device.
'
type: int
ssh_keyfile:
description: 'Specifies the SSH key to use to authenticate the connection to the
remote device. This value is the path to the key used to authenticate the SSH
session. If the value is not specified in the task, the value of environment
variable ANSIBLE_NET_SSH_KEYFILE will be used instead.
'
type: path
timeout:
description: 'Specifies the timeout in seconds for communicating with the network
device for either connecting or sending commands. If the timeout is exceeded
before the operation is completed, the module will error.
'
type: int
transport:
default: aossapi
description: 'Configures the transport (aossapi or network_cli) mode.
'
type: str
use_proxy:
default: false
description: 'Configures use (Local) Proxy for access to the remote device.
'
type: bool
use_ssl:
description: 'Configures use SSL (HTTPS) for access to the remote device.
'
type: bool
username:
description: 'Configures the username to use to authenticate the connection to
the remote device. This value is used to authenticate the SSH session. If the
value is not specified in the task, the value of environment variable ANSIBLE_NET_USERNAME
will be used instead.
'
type: str
validate_certs:
default: false
description: 'Configures validation of certification for access to the remote
device.
'
type: bool
type: dict
username:
description: 'Configures the username to use to authenticate the connection to the
remote device. This value is used to authenticate the SSH session. If the value
is not specified in the task, the value of environment variable ANSIBLE_NET_USERNAME
will be used instead.
'
type: str
match_cmd:
description: Specify the command to match.
type: str
group_name:
description: Group name for the autorization group
type: str
api_version:
default: None
description: 'Configures (force) API version (vX.Y) for acces to the remote device.
'
type: str
ssh_keyfile:
description: 'Specifies the SSH key to use to authenticate the connection to the remote
device. This value is the path to the key used to authenticate the SSH session.
If the value is not specified in the task, the value of environment variable ANSIBLE_NET_SSH_KEYFILE
will be used instead.
'
type: path
cmd_permission:
choices:
- AZP_PERMIT
- AZP_DENY
default: AZP_PERMIT
description: Permit or deny the match command
required: false
is_log_enabled:
choices:
- true
- false
default: false
description: Generate an event log any time a match happens.
required: false
validate_certs:
default: false
description: 'Configures validation of certification for access to the remote device.
'
type: bool
authorization_method:
choices:
- AZM_NONE
- AZM_TACACS
description: To authorization method needed
required: false
message: description: The output message that the sample module generates original_message: description: The original name param that was passed in type: str