community / community.general / 1.3.11 / module / utm_aaa_group Create, update or destroy an aaa group object in Sophos UTM. Authors: Johannes Brunswicker (@MatrixCrawler)community.general.utm_aaa_group (1.3.11) — module
Install with ansible-galaxy collection install community.general:==1.3.11
collections: - name: community.general version: 1.3.11
Create, update or destroy an aaa group object in Sophos UTM.
This module needs to have the REST Ability of the UTM to be activated.
- name: Create UTM aaa_group community.general.utm_aaa_group: utm_host: sophos.host.name utm_token: abcdefghijklmno1234 name: TestAAAGroupEntry backend_match: ldap dynamic: directory_groups ldap_attributes: memberof ldap_attributes_value: "cn=groupname,ou=Groups,dc=mydomain,dc=com" network: REF_OBJECT_STRING state: present
- name: Remove UTM aaa_group community.general.utm_aaa_group: utm_host: sophos.host.name utm_token: abcdefghijklmno1234 name: TestAAAGroupEntry state: absent
name: description: - The name of the object. Will be used to identify the entry. required: true type: str state: choices: - absent - present default: present description: - The desired state of the object. - C(present) will create or update an object - C(absent) will delete an object if it was present type: str comment: default: '' description: - Comment that describes the AAA group. type: str dynamic: choices: - none - ipsec_dn - directory_groups default: none description: - Group type. Is static if none is selected. type: str headers: description: - A dictionary of additional headers to be sent to POST and PUT requests. - Is needed for some modules required: false type: dict members: default: [] description: - A list of user ref names (aaa/user). elements: str type: list network: default: '' description: - The network reference name. The objects contains the known ip addresses for the authentication object (network/aaa). type: str ipsec_dn: description: - The ipsec dn string. type: str utm_host: description: - The REST Endpoint of the Sophos UTM. required: true type: str utm_port: default: 4444 description: - The port of the REST interface. type: int utm_token: description: - The token used to identify at the REST-API. See U(https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en), Chapter 2.4.2. required: true type: str utm_protocol: choices: - http - https default: https description: - The protocol of the REST Endpoint. type: str backend_match: choices: - none - adirectory - edirectory - radius - tacacs - ldap default: none description: - The backend for the group. type: str radius_groups: default: [] description: - A list of radius group strings. elements: str type: list tacacs_groups: default: [] description: - A list of tacacs group strings. elements: str type: list ldap_attribute: description: - The ldap attribute to check against. type: str validate_certs: default: true description: - Whether the REST interface's ssl certificate should be verified or not. type: bool adirectory_groups: description: - List of adirectory group strings. elements: str type: list edirectory_groups: description: - List of edirectory group strings. elements: str type: list ldap_attribute_value: description: - The ldap attribute value to check against. type: str adirectory_groups_sids: description: - Dictionary of group sids. type: dict
result: contains: _locked: description: Whether or not the object is currently locked. type: bool _ref: description: The reference name of the object. type: str _type: description: The type of the object. type: str adirectory_groups: description: List of Active Directory Groups. type: str adirectory_groups_sids: description: List of Active Directory Groups SIDS. type: list backend_match: description: The backend to use. type: str comment: description: The comment string. type: str dynamic: description: Whether the group match is ipsec_dn or directory_group. type: str edirectory_groups: description: List of eDirectory Groups. type: str ipsec_dn: description: ipsec_dn identifier to match. type: str ldap_attribute: description: The LDAP Attribute to match against. type: str ldap_attribute_value: description: The LDAP Attribute Value to match against. type: str members: description: List of member identifiers of the group. type: list name: description: The name of the object. type: str network: description: The identifier of the network (network/aaa). type: str radius_group: description: The radius group identifier. type: str tacacs_group: description: The tacacs group identifier. type: str description: The utm object that was created. returned: success type: complex