Try SpotterManage PAN-OS administrator user accounts.
| "added in version" 1.0.0 of paloaltonetworks.panos"
Authors: Garfield Lee Freeman (@shinmog)
Install with ansible-galaxy collection install paloaltonetworks.panos:==2.19.1
collections:
- name: paloaltonetworks.panos
version: 2.19.1Manages PAN-OS administrator user accounts.
# Configure user "foo"
- name: configure foo administrator
paloaltonetworks.panos.panos_administrator:
provider: '{{ provider }}'
admin_username: 'foo'
admin_password: 'secret'
superuser: true
port:
default: 443
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The port number to connect to the PAN-OS device on.
type: int
vsys:
description:
- This is for multi-vsys physical firewalls only.
- The list of vsys this admin should manage.
elements: str
type: list
state:
choices:
- present
- absent
- replaced
- merged
- deleted
- gathered
default: present
description:
- The state.
type: str
commit:
description:
- B(Deprecated)
- Please use M(paloaltonetworks.panos.panos_commit_firewall), M(paloaltonetworks.panos.panos_commit_panorama),
M(paloaltonetworks.panos.panos_commit_push) instead.
- HORIZONTALLINE
- Commit changes after creating object. If I(ip_address) is a Panorama device, and
I(device_group) or I(template) are also set, perform a commit to Panorama and a
commit-all to the device group/template.
type: bool
api_key:
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The API key to use instead of generating it using I(username) / I(password).
type: str
password:
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The password to use for authentication. This is ignored if I(api_key) is specified.
type: str
provider:
description:
- A dict object containing connection details.
suboptions:
api_key:
description:
- The API key to use instead of generating it using I(username) / I(password).
type: str
ip_address:
description:
- The IP address or hostname of the PAN-OS device being configured.
type: str
password:
description:
- The password to use for authentication. This is ignored if I(api_key) is specified.
type: str
port:
default: 443
description:
- The port number to connect to the PAN-OS device on.
type: int
serial_number:
description:
- The serial number of a firewall to use for targeted commands. If I(ip_address)
is not a Panorama PAN-OS device, then this param is ignored.
type: str
username:
default: admin
description:
- The username to use for authentication. This is ignored if I(api_key) is specified.
type: str
type: dict
version_added: 1.0.0
version_added_collection: paloaltonetworks.panos
template:
description:
- (Panorama only) The template this operation should target. Mutually exclusive with
I(template_stack).
type: str
username:
default: admin
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The username to use for authentication. This is ignored if I(api_key) is specified.
type: str
superuser:
description:
- Admin type - superuser
type: bool
ip_address:
description:
- B(Deprecated)
- Use I(provider) to specify PAN-OS connectivity instead.
- HORIZONTALLINE
- The IP address or hostname of the PAN-OS device being configured.
type: str
admin_phash:
description:
- New password hash for the I(admin_username) user
- If this is not specified, then the phash is left as-is.
type: str
device_admin:
description:
- Admin type - device admin
type: bool
role_profile:
description:
- The role based profile.
type: str
admin_password:
description:
- New plain text password for the I(admin_username) user.
- If this is not specified, then the password is left as-is.
- Takes priority over I(admin_phash)
type: str
admin_username:
default: admin
description:
- Admin name.
type: str
panorama_admin:
description:
- This is for Panorama only.
- Make the user a Panorama admin only
type: bool
ssh_public_key:
description:
- Use public key authentication (ssh)
type: str
template_stack:
description:
- (Panorama only) The template stack this operation should target. Mutually exclusive
with I(template).
type: str
vsys_read_only:
description:
- This is for multi-vsys physical firewalls only.
- The list of vsys this read only admin should manage.
elements: str
type: list
gathered_filter:
description:
- When I(state=gathered).
- An advanced filtering option to filter results returned from PAN-OS.
- Refer to the guide discussing I(gathered_filter) for more information.
type: str
password_profile:
description:
- The password profile for this user.
type: str
superuser_read_only:
description:
- Admin type - superuser, read only
type: bool
web_client_cert_only:
description:
- Use only client certificate authenciation (Web)
type: bool
authentication_profile:
description:
- The authentication profile.
type: str
device_admin_read_only:
description:
- Admin type - device admin, read only
type: bool
status: description: success status returned: success sample: done type: str