cisco / cisco.intersight / 2.0.8 / module / intersight_local_user_policy Local User Policy configuration for Cisco Intersight Authors: David Soper (@dsoper2) preview | supported by communitycisco.intersight.intersight_local_user_policy (2.0.8) — module
Install with ansible-galaxy collection install cisco.intersight:==2.0.8
collections: - name: cisco.intersight version: 2.0.8
Local User Policy configuration for Cisco Intersight.
Used to configure local users on endpoint devices.
For more information see L(Cisco Intersight,https://intersight.com/apidocs).
- name: Configure Local User policy intersight_local_user_policy: api_private_key: "{{ api_private_key }}" api_key_id: "{{ api_key_id }}" name: guest-admin tags: - Key: username Value: guest description: User named guest with admin role local_users: - username: guest role: admin password: vault_guest_password - username: reader role: readonly password: vault_reader_password
- name: Delete Local User policy intersight_local_user_policy: api_private_key: "{{ api_private_key }}" api_key_id: "{{ api_key_id }}" name: guest-admin state: absent
name: description: - The name assigned to the Local User Policy. - The name must be between 1 and 62 alphanumeric characters, allowing special characters :-_. required: true type: str tags: description: - List of tags in Key:<user-defined key> Value:<user-defined value> format. elements: dict type: list purge: default: false description: - The purge argument instructs the module to consider the resource definition absolute. - If true, any previously configured usernames will be removed from the policy with the exception of the `admin` user which cannot be deleted. type: bool state: choices: - present - absent default: present description: - If C(present), will verify the resource is present and will create if needed. - If C(absent), will verify the resource is absent and will delete if needed. type: str api_uri: default: https://intersight.com/api/v1 description: - URI used to access the Intersight API. - If not set, the value of the INTERSIGHT_API_URI environment variable is used. type: str use_proxy: default: true description: - If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts. type: bool api_key_id: description: - Public API Key ID associated with the private key. - If not set, the value of the INTERSIGHT_API_KEY_ID environment variable is used. required: true type: str description: aliases: - descr description: - The user-defined description of the Local User policy. - Description can contain letters(a-z, A-Z), numbers(0-9), hyphen(-), period(.), colon(:), or an underscore(_). type: str local_users: description: - List of local users on the endpoint. - An admin user already exists on the endpoint. - Add the admin user here only if you want to change the password, or enable or disable the user. - To add admin user, provide a username as 'admin', select the admin user role, and then proceed. elements: dict suboptions: enable: default: true description: - Enable or disable the user. type: bool password: description: - Valid login password of the user. required: true type: str role: choices: - admin - readonly - user description: - Roles associated with the user on the endpoint. required: true type: str username: description: - Name of the user created on the endpoint. required: true type: str type: list organization: default: default description: - The name of the Organization this resource is assigned to. - Profiles and Policies that are created within a Custom Organization are applicable only to devices in the same Organization. type: str validate_certs: default: true description: - Boolean control for verifying the api_uri TLS certificate type: bool api_private_key: description: - Filename (absolute path) or string of PEM formatted private key data to be used for Intersight API authentication. - If a string is used, Ansible vault should be used to encrypt string data. - Ex. ansible-vault encrypt_string --vault-id tme@/Users/dsoper/Documents/vault_password_file '-----BEGIN EC PRIVATE KEY----- - ' <your private key data>' - ' -----END EC PRIVATE KEY-----''' - If not set, the value of the INTERSIGHT_API_PRIVATE_KEY environment variable is used. required: true type: path password_history: default: 5 description: - Specifies number of times a password cannot repeat when changed (value between 0 and 5). - Entering 0 disables this option. type: int always_update_password: default: false description: - Since passwords are not returned by the API and are encrypted on the endpoint, this option will instruct the module when to change the password. - If true, the password for each user will always be updated in the policy. - If false, the password will be updated only if the user is created. type: bool enable_password_expiry: default: false description: - Enables password expiry on the endpoint. type: bool enforce_strong_password: default: true description: - If true, enables a strong password policy. - Strong password requirements:. - A. The password must have a minimum of 8 and a maximum of 20 characters. - B. The password must not contain the User's Name. - C. The password must contain characters from three of the following four categories. - 1) English uppercase characters (A through Z). - 2) English lowercase characters (a through z). - 3) Base 10 digits (0 through 9). - 4) Non-alphabetic characters (! , @, '#', $, %, ^, &, *, -, _, +, =). type: bool
api_repsonse: description: The API response output returned by the specified resource. returned: always sample: api_response: Description: User named guest with admin role EndPointUserRoles: - ChangePassword: true Enabled: true type: dict