community.general.utm_proxy_auth_profile – create, update or destroy reverse_proxy auth_profile entry in Sophos UTM
Note
This plugin is part of the community.general collection (version 1.3.2).
To install it use: ansible-galaxy collection install community.general.
To use it in a playbook, specify: community.general.utm_proxy_auth_profile.
Synopsis
- Create, update or destroy a reverse_proxy auth_profile entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| aaa list / elements=string / required | List of references to utm_aaa objects (allowed users or groups) | |
| backend_mode string |
| Specifies if the backend server needs authentication ([Basic|None]) |
| backend_strip_basic_auth boolean |
| Should the login data be stripped when proxying the request to the backend host |
| backend_user_prefix string | Default: "" | Prefix string to prepend to the username for backend authentication |
| backend_user_suffix string | Default: "" | Suffix string to append to the username for backend authentication |
| basic_prompt string / required | The message in the basic authentication prompt | |
| comment string | Default: "" | Optional comment string |
| frontend_cookie string | Frontend cookie name | |
| frontend_cookie_secret string | Frontend cookie secret | |
| frontend_form string | Frontend authentication form name | |
| frontend_form_template string | Default: "" | Frontend authentication form template |
| frontend_login string | Frontend login name | |
| frontend_logout string | Frontend logout name | |
| frontend_mode string |
| Frontend authentication mode (Form|Basic) |
| frontend_realm string | Frontend authentication realm | |
| frontend_session_allow_persistency boolean |
| Allow session persistency |
| frontend_session_lifetime integer / required | session lifetime | |
| frontend_session_lifetime_limited boolean |
| Specifies if limitation of session lifetime is active |
| frontend_session_lifetime_scope string |
| scope for frontend_session_lifetime (days|hours|minutes) |
| frontend_session_timeout integer / required | session timeout | |
| frontend_session_timeout_enabled boolean |
| Specifies if session timeout is active |
| frontend_session_timeout_scope string |
| scope for frontend_session_timeout (days|hours|minutes) |
| headers dictionary | A dictionary of additional headers to be sent to POST and PUT requests. Is needed for some modules | |
| logout_delegation_urls list / elements=string | Default: [] | List of logout URLs that logouts are delegated to |
| logout_mode string |
| Mode of logout (None|Delegation) |
| name string / required | The name of the object. Will be used to identify the entry | |
| redirect_to_requested_url boolean |
| Should a redirect to the requested URL be made |
| state string |
| The desired state of the object. present will create or update an objectabsent will delete an object if it was present |
| utm_host string / required | The REST Endpoint of the Sophos UTM. | |
| utm_port integer | Default: 4444 | The port of the REST interface. |
| utm_protocol string |
| The protocol of the REST Endpoint. |
| utm_token string / required | The token used to identify at the REST-API. See https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en, Chapter 2.4.2. | |
| validate_certs boolean |
| Whether the REST interface's ssl certificate should be verified or not. |
Examples
- name: Create UTM proxy_auth_profile
community.general.utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
aaa: [REF_OBJECT_STRING,REF_ANOTHEROBJECT_STRING]
basic_prompt: "Authentication required: Please login"
frontend_session_lifetime: 1
frontend_session_timeout: 1
state: present
- name: Remove UTM proxy_auth_profile
community.general.utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
state: absent
- name: Read UTM proxy_auth_profile
community.general.utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
state: info
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | |
|---|---|---|---|
| result complex | success | The utm object that was created | |
| _locked boolean | success | Whether or not the object is currently locked | |
| _ref string | success | The reference name of the object | |
| _type string | success | The type of the object | |
| aaa list / elements=string | success | List of references to utm_aaa objects (allowed users or groups) | |
| backend_mode string | success | Specifies if the backend server needs authentication ([Basic|None]) | |
| backend_strip_basic_auth boolean | success | Should the login data be stripped when proxying the request to the backend host | |
| backend_user_prefix string | success | Prefix string to prepend to the username for backend authentication | |
| backend_user_suffix string | success | Suffix string to append to the username for backend authentication | |
| basic_prompt string | success | The message in the basic authentication prompt | |
| comment string | success | Optional comment string | |
| frontend_cookie string | success | Frontend cookie name | |
| frontend_cookie_secret string | success | Frontend cookie secret | |
| frontend_form string | success | Frontend authentication form name | |
| frontend_form_template string | success | Frontend authentication form template | |
| frontend_login string | success | Frontend login name | |
| frontend_logout string | success | Frontend logout name | |
| frontend_mode string | success | Frontend authentication mode (Form|Basic) | |
| frontend_realm string | success | Frontend authentication realm | |
| frontend_session_allow_persistency boolean | success | Allow session persistency | |
| frontend_session_lifetime integer | success | session lifetime | |
| frontend_session_lifetime_limited boolean | success | Specifies if limitation of session lifetime is active | |
| frontend_session_lifetime_scope string | success | scope for frontend_session_lifetime (days|hours|minutes) | |
| frontend_session_timeout integer | success | session timeout | |
| frontend_session_timeout_enabled boolean | success | Specifies if session timeout is active | |
| frontend_session_timeout_scope string | success | scope for frontend_session_timeout (days|hours|minutes) | |
| logout_delegation_urls list / elements=string | success | List of logout URLs that logouts are delegated to | |
| logout_mode string | success | Mode of logout (None|Delegation) | |
| name string | success | The name of the object | |
| redirect_to_requested_url boolean | success | Should a redirect to the requested URL be made | |
Authors
- Stephan Schwarz (@stearz)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/community/general/utm_proxy_auth_profile_module.html