utm_proxy_auth_profile – create, update or destroy reverse_proxy auth_profile entry in Sophos UTM

New in version 2.8.

Synopsis

  • Create, update or destroy a reverse_proxy auth_profile entry in SOPHOS UTM.
  • This module needs to have the REST Ability of the UTM to be activated.

Parameters

Parameter Choices/Defaults Comments
aaa
- / required
List of references to utm_aaa objects (allowed users or groups)
backend_mode
-
    Choices:
  • Basic
  • None
Specifies if the backend server needs authentication ([Basic|None])
backend_strip_basic_auth
boolean
    Choices:
  • no
  • yes
Should the login data be stripped when proxying the request to the backend host
backend_user_prefix
-
Default:
""
Prefix string to prepend to the username for backend authentication
backend_user_suffix
-
Default:
""
Suffix string to append to the username for backend authentication
basic_prompt
- / required
The message in the basic authentication prompt
comment
-
Default:
""
Optional comment string
frontend_cookie
-
Frontend cookie name
frontend_cookie_secret
-
Frontend cookie secret
frontend_form
-
Frontend authentication form name
frontend_form_template
-
Default:
""
Frontend authentication form template
frontend_login
-
Frontend login name
frontend_logout
-
Frontend logout name
frontend_mode
-
    Choices:
  • Basic
  • Form
Frontend authentication mode (Form|Basic)
frontend_realm
-
Frontend authentication realm
frontend_session_allow_persistency
boolean
    Choices:
  • no
  • yes
Allow session persistency
frontend_session_lifetime
- / required
session lifetime
frontend_session_lifetime_limited
boolean
    Choices:
  • no
  • yes
Specifies if limitation of session lifetime is active
frontend_session_lifetime_scope
-
    Choices:
  • days
  • hours
  • minutes
scope for frontend_session_lifetime (days|hours|minutes)
frontend_session_timeout
- / required
session timeout
frontend_session_timeout_enabled
boolean
    Choices:
  • no
  • yes
Specifies if session timeout is active
frontend_session_timeout_scope
-
    Choices:
  • days
  • hours
  • minutes
scope for frontend_session_timeout (days|hours|minutes)
headers
dictionary
A dictionary of additional headers to be sent to POST and PUT requests.
Is needed for some modules
logout_delegation_urls
-
Default:
[]
List of logout URLs that logouts are delegated to
logout_mode
-
    Choices:
  • None
  • Delegation
Mode of logout (None|Delegation)
name
- / required
The name of the object. Will be used to identify the entry
redirect_to_requested_url
boolean
    Choices:
  • no
  • yes
Should a redirect to the requested URL be made
state
string
    Choices:
  • absent
  • present
The desired state of the object.
present will create or update an object
absent will delete an object if it was present
utm_host
string / required
The REST Endpoint of the Sophos UTM.
utm_port
integer
Default:
4444
The port of the REST interface.
utm_protocol
string
    Choices:
  • http
  • https
The protocol of the REST Endpoint.
utm_token
string / required
validate_certs
boolean
    Choices:
  • no
  • yes
Whether the REST interface's ssl certificate should be verified or not.

Examples

- name: Create UTM proxy_auth_profile
  utm_proxy_auth_profile:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestAuthProfileEntry
    aaa: [REF_OBJECT_STRING,REF_ANOTHEROBJECT_STRING]
    basic_prompt: "Authentication required: Please login"
    frontend_session_lifetime: 1
    frontend_session_timeout: 1
    state: present

- name: Remove UTM proxy_auth_profile
  utm_proxy_auth_profile:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestAuthProfileEntry
    state: absent

- name: Read UTM proxy_auth_profile
  utm_proxy_auth_profile:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestAuthProfileEntry
    state: info

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
result
complex
success
The utm object that was created

_locked
boolean
Whether or not the object is currently locked

_ref
string
The reference name of the object

_type
string
The type of the object

aaa
list
List of references to utm_aaa objects (allowed users or groups)

backend_mode
string
Specifies if the backend server needs authentication ([Basic|None])

backend_strip_basic_auth
boolean
Should the login data be stripped when proxying the request to the backend host

backend_user_prefix
string
Prefix string to prepend to the username for backend authentication

backend_user_suffix
string
Suffix string to append to the username for backend authentication

basic_prompt
string
The message in the basic authentication prompt

comment
string
Optional comment string

frontend_cookie
string
Frontend cookie name

frontend_cookie_secret
string
Frontend cookie secret

frontend_form
string
Frontend authentication form name

frontend_form_template
string
Frontend authentication form template

frontend_login
string
Frontend login name

frontend_logout
string
Frontend logout name

frontend_mode
string
Frontend authentication mode (Form|Basic)

frontend_realm
string
Frontend authentication realm

frontend_session_allow_persistency
boolean
Allow session persistency

frontend_session_lifetime
integer
session lifetime

frontend_session_lifetime_limited
boolean
Specifies if limitation of session lifetime is active

frontend_session_lifetime_scope
string
scope for frontend_session_lifetime (days|hours|minutes)

frontend_session_timeout
integer
session timeout

frontend_session_timeout_enabled
boolean
Specifies if session timeout is active

frontend_session_timeout_scope
string
scope for frontend_session_timeout (days|hours|minutes)

logout_delegation_urls
list
List of logout URLs that logouts are delegated to

logout_mode
string
Mode of logout (None|Delegation)

name
string
The name of the object

redirect_to_requested_url
boolean
Should a redirect to the requested URL be made



Status

Authors

  • Stephan Schwarz (@stearz)

Hint

If you notice any issues in this documentation you can edit this document to improve it.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/utm_proxy_auth_profile_module.html