arubanetworks / arubanetworks.aos_switch / 1.7.0 / module / arubaoss_radius_profile implements rest api for aaa configuration | "added in version" 2.4.0 of arubanetworks.aos_switch" Authors: Sanju Sadanandan (@hpe) preview | supported by communityarubanetworks.aos_switch.arubaoss_radius_profile (1.7.0) — module
Install with ansible-galaxy collection install arubanetworks.aos_switch:==1.7.0
collections: - name: arubanetworks.aos_switch version: 1.7.0
This implements rest apis which can be used to configure RADIUS Server
- name: Configure Radius server 10.0.0.1 with shared secret RADIUS! arubaoss_radius_profile: command: config_radius_server server_ip: 10.0.0.1 shared_secret: "RADIUS!"
- name: Configure Global Radius Profile key arubaoss_radius_profile: command: config_radius_profile key: "RADIUS!"
- name: Configure Radius Profile CPPM details for User Roles arubaoss_radius_profile: command: config_radius_profile cppm_details: {'username':'superman','password': 'upupandaway'}
- name: Configure Radius Server - arubaoss_radius_profile: command: config_radius_server server_ip: 10.0.0.1 shared_secret: "RADIUS!" is_dyn_authorization_enabled: True time_window: 0
- name: Configure Radius Server Group arubaoss_radius_profile: command: config_radius_serverGroup server_ip: 10.0.0.1 server_group_name: SUPER
- name: Configure Radius server 10.1.1.1 with shared secret ARUBA! arubaoss_radius_profile: command: config_radius_server server_ip: 10.1.1.1 shared_secret: "ARUBA!"
- name: Configure Radius server group arubaoss_radius_profile: command: config_radius_serverGroup server_group_name: AVENGERS server_ip: 10.1.1.1
key: description: Used with config_radius_profile command, Configure the default authentication key for all RADIUS. Input key as empty string to reset the value required: false type: str host: description: 'Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport. ' type: str port: description: 'Specifies the port to use when building the connection to the remote device. ' type: int config: choices: - create - delete default: create description: To config or remove the required command required: false type: str command: choices: - config_radius_profile - config_radius_serverGroup - config_radius_server description: Function name calls according to configuration required - choice config_radius_profile allows you to configure the switch's global radius server settings choice config_radius_server allows you to configure a radius server IP host choice config_radius_serverGroup allows you to configure a radius-server group with existing radius server hosts required: true type: str timeout: description: 'Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error. ' type: int use_ssl: description: 'Configures use SSL (HTTPS) for access to the remote device. ' type: bool version: choices: - IAV_IP_V4 default: IAV_IP_V4 description: Version of the IP Address used (V6 is not supported via REST) required: false password: description: 'Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_PASSWORD will be used instead. ' type: str provider: description: A dict object containing connection details. suboptions: api_version: default: None description: 'Configures (force) API version (vX.Y) for acces to the remote device. ' type: str host: description: 'Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport. ' type: str password: description: 'Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_PASSWORD will be used instead. ' type: str port: description: 'Specifies the port to use when building the connection to the remote device. ' type: int ssh_keyfile: description: 'Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_SSH_KEYFILE will be used instead. ' type: path timeout: description: 'Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error. ' type: int transport: default: aossapi description: 'Configures the transport (aossapi or network_cli) mode. ' type: str use_proxy: default: false description: 'Configures use (Local) Proxy for access to the remote device. ' type: bool use_ssl: description: 'Configures use SSL (HTTPS) for access to the remote device. ' type: bool username: description: 'Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_USERNAME will be used instead. ' type: str validate_certs: default: false description: 'Configures validation of certification for access to the remote device. ' type: bool type: dict username: description: 'Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_USERNAME will be used instead. ' type: str dead_time: default: 10 description: 'The RADIUS server dead_time. dead_time cannot set when is_tracking_enabled is true. Input dead_time: null to reset the value. dead_time is indicated as null instead of ''0'' in CLI' required: false type: int server_ip: description: Used with config_radius_server or config_radius_serverGroup - Radius server hosts IP address. Minimum is 1 servers, and maximum is 3 required: false type: str api_version: default: None description: 'Configures (force) API version (vX.Y) for acces to the remote device. ' type: str ssh_keyfile: description: 'Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable ANSIBLE_NET_SSH_KEYFILE will be used instead. ' type: path cppm_details: description: 'Username and password combination of CPPM which is used to login to CPPM to download user roles, dictionary should be in the form: {''username'':''superman'',''password'': ''arubAn3tw0rks''}' required: false type: dict dyn_autz_port: default: 3799 description: Configure the UDP port for dynamic authorization messages. required: false type: int shared_secret: description: Used with config_radius_server command - The Radius server secret key required: false type: str retry_interval: default: 7 description: The RADIUS server retry interval required: false type: int tracking_uname: default: radius-tracking-user description: The RADIUS service tracking username required: false type: str validate_certs: default: false description: 'Configures validation of certification for access to the remote device. ' type: bool radius_server_id: choices: - 1 -- 15 default: 1 description: The unique ID of the RADIUS Profile. required: false time_window_type: choices: - TW_POSITIVE_TIME_WINDOW - TW_PLUS_OR_MINUS_TIME_WINDOW default: TW_POSITIVE_TIME_WINDOW description: Time window type required: false server_group_name: description: the AAA Server Group name required: false is_tracking_enabled: description: The RADIUS server for if tracking is enabled. The flag is_tracking_enabled, cannot set to true when dead_time is configured required: false retransmit_attempts: default: 5 description: The RADIUS server retransmit attempts required: false type: int