Try SpotterBinding Resource definition for describing association between appfwprofile and xmldosurl resources
| "added in version" 2.0.0 of netscaler.adc"
Authors: Sumanth Lingappa (@sumanth-lingappa)
preview | supported by community
Install with ansible-galaxy collection install netscaler.adc:==2.5.1
collections:
- name: netscaler.adc
version: 2.5.1Binding Resource definition for describing association between appfwprofile and xmldosurl resources
name:
description:
- Name of the profile to which to bind an exemption or rule.
type: str
nsip:
description:
- The ip address of the NetScaler ADC appliance where the nitro API calls will be
made.
- The port can be specified with the colon (:). E.g. 192.168.1.1:555.
required: true
type: str
state:
choices:
- present
- absent
default: present
description:
- The state of the resource being configured by the module on the NetScaler ADC node.
- When C(present), the resource will be added/updated configured according to the
module's parameters.
- When C(absent), the resource will be deleted from the NetScaler ADC node.
type: str
comment:
description:
- Any comments about the purpose of profile, or other useful information about the
profile.
type: str
api_path:
default: nitro/v1/config
description:
- Base NITRO API path.
- Define only in case of an ADM service proxy call
type: str
ruletype:
choices:
- ALLOW
- DENY
description:
- Specifies rule type of binding
type: str
alertonly:
choices:
- 'ON'
- 'OFF'
description:
- Send SNMP alert?
type: str
xmldosurl:
description:
- XML DoS URL regular expression length.
type: str
nitro_pass:
description:
- The password with which to authenticate to the NetScaler ADC node.
required: false
type: str
nitro_user:
description:
- The username with which to authenticate to the NetScaler ADC node.
required: false
type: str
resourceid:
description:
- A "id" that identifies the rule.
type: str
xmlblockpi:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Block PI is C(ON) or C(OFF). Protects resources from denial of service
attacks as SOAP messages cannot have processing instructions (PI) in messages.
type: str
save_config:
default: false
description:
- If C(true) the module will save the configuration on the NetScaler ADC node if it
makes any changes.
- The module will not save the configuration on the NetScaler ADC node if it made
no changes.
type: bool
xmlblockdtd:
choices:
- 'ON'
- 'OFF'
description:
- State if XML DTD is C(ON) or C(OFF). Protects against recursive Document Type Declaration
(DTD) entity expansion attacks. Also, SOAP messages cannot have DTDs in messages.
type: str
xmlmaxnodes:
description:
- Specify the maximum number of XML nodes. Protects against overflow attacks.
type: float
isautodeployed:
choices:
- AUTODEPLOYED
- NOTAUTODEPLOYED
description:
- Is the rule auto deployed by dynamic profile ?
type: str
nitro_protocol:
choices:
- http
- https
default: https
description:
- Which protocol to use when accessing the nitro API objects.
type: str
validate_certs:
default: true
description:
- If C(false), SSL certificates will not be validated. This should only be used on
personally controlled sites using self-signed certificates.
required: false
type: bool
xmlmaxelements:
description:
- Specify the maximum number of XML elements allowed. Protects against overflow attacks.
type: float
xmlmaxfilesize:
description:
- Specify the maximum size of XML messages. Protects against overflow attacks.
type: float
xmlminfilesize:
description:
- Enforces minimum message size.
type: float
nitro_auth_token:
description:
- The authentication token provided by a login operation.
type: str
version_added: 2.6.0
version_added_collection: netscaler.adc
xmlmaxattributes:
description:
- Specify maximum number of attributes per XML element. Protects against overflow
attacks.
type: float
xmlmaxnamespaces:
description:
- Specify maximum number of active namespaces. Protects against overflow attacks.
type: float
xmlmaxnodescheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max nodes check is C(ON) or C(OFF).
type: str
xmlsoaparraycheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML SOAP Array check is C(ON) or C(OFF).
type: str
xmlmaxelementdepth:
description:
- Maximum nesting (depth) of XML elements. This check protects against documents that
have excessive hierarchy depths.
type: float
xmlmaxelementscheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max elements check is C(ON) or C(OFF).
type: str
xmlmaxfilesizecheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max file size check is C(ON) or C(OFF).
type: str
xmlmaxsoaparrayrank:
description:
- XML Max Individual SOAP Array Rank. This is the dimension of the SOAP array.
type: float
xmlmaxsoaparraysize:
description:
- XML Max Total SOAP Array Size. Protects against SOAP Array Abuse attack.
type: float
xmlminfilesizecheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Min file size check is C(ON) or C(OFF).
type: str
xmlmaxchardatalength:
description:
- Specify the maximum size of CDATA. Protects against overflow attacks and large quantities
of unparsed data within XML messages.
type: float
xmlmaxattributescheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max attributes check is C(ON) or C(OFF).
type: str
xmlmaxelementchildren:
description:
- Specify the maximum number of children allowed per XML element. Protects against
overflow attacks.
type: float
xmlmaxnamespacescheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max namespaces check is C(ON) or C(OFF).
type: str
xmlmaxentityexpansions:
description:
- Specify maximum allowed number of entity expansions. Protects aganist Entity Expansion
Attack.
type: float
xmlmaxelementdepthcheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max element depth check is C(ON) or C(OFF).
type: str
xmlmaxelementnamelength:
description:
- Specify the longest name of any element (including the expanded namespace) to protect
against overflow attacks.
type: float
xmlblockexternalentities:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Block External Entities Check is C(ON) or C(OFF). Protects against
XML External Entity (XXE) attacks that force applications to parse untrusted external
entities (sources) in XML documents.
type: str
xmlmaxnamespaceurilength:
description:
- Specify the longest URI of any XML namespace. Protects against overflow attacks.
type: float
xmlmaxattributenamelength:
description:
- Specify the longest name of any XML attribute. Protects against overflow attacks.
type: float
xmlmaxchardatalengthcheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max CDATA length check is C(ON) or C(OFF).
type: str
xmlmaxattributevaluelength:
description:
- Specify the longest value of any XML attribute. Protects against overflow attacks.
type: float
xmlmaxelementchildrencheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max element children check is C(ON) or C(OFF).
type: str
xmlmaxentityexpansiondepth:
description:
- Specify maximum entity expansion depth. Protects aganist Entity Expansion Attack.
type: float
xmlmaxentityexpansionscheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max Entity Expansions Check is C(ON) or C(OFF).
type: str
xmlmaxelementnamelengthcheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max element name length check is C(ON) or C(OFF).
type: str
xmlmaxnamespaceurilengthcheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max namespace URI length check is C(ON) or C(OFF).
type: str
xmlmaxattributenamelengthcheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max attribute name length check is C(ON) or C(OFF).
type: str
xmlmaxattributevaluelengthcheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max atribute value length is C(ON) or C(OFF).
type: str
xmlmaxentityexpansiondepthcheck:
choices:
- 'ON'
- 'OFF'
description:
- State if XML Max Entity Expansions Depth Check is C(ON) or C(OFF).
type: str
changed:
description: Indicates if any change is made by the module
returned: always
sample: true
type: bool
diff:
description: Dictionary of before and after changes
returned: always
sample:
after:
key2: pqr
before:
key1: xyz
prepared: changes done
type: dict
diff_list:
description: List of differences between the actual configured object and the configuration
specified in the module
returned: when changed
sample:
- 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>)
PQR'
type: list
failed:
description: Indicates if the module failed or not
returned: always
sample: false
type: bool
loglines:
description: list of logged messages by the module
returned: always
sample:
- message 1
- message 2
type: list