utm_aaa_group – Create, update or destroy an aaa group object in Sophos UTM
New in version 2.8.
Synopsis
- Create, update or destroy an aaa group object in Sophos UTM.
- The REST capability of the UTM must be activated for this module to work.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| adirectory_groups (list) | | List of adirectory group strings. |
| adirectory_groups_sids (dictionary) | | Dictionary of group sids. |
| backend_match (string) | | The backend for the group. |
| comment (string) | Default: "" | Comment that describes the AAA group. |
| dynamic (string) | | Group type. Is static if none is selected. |
| edirectory_groups (list) | | List of edirectory group strings. |
| headers (dictionary) | | A dictionary of additional headers to be sent with POST and PUT requests. Needed for some modules. |
| ipsec_dn (string) | | The ipsec dn string. |
| ldap_attribute (string) | | The ldap attribute to check against. |
| ldap_attribute_value (string) | | The ldap attribute value to check against. |
| members (list) | Default: [] | A list of user ref names (aaa/user). |
| name (string, required) | | The name of the object. Will be used to identify the entry. |
| network (string) | Default: "" | The network reference name. The object contains the known IP addresses for the authentication object (network/aaa). |
| radius_groups (list) | Default: [] | A list of radius group strings. |
| state (string) | | The desired state of the object. `present` will create or update an object. `absent` will delete an object if it was present. |
| tacacs_groups (list) | Default: [] | A list of tacacs group strings. |
| utm_host (string, required) | | The REST endpoint of the Sophos UTM. |
| utm_port (integer) | Default: 4444 | The port of the REST interface. |
| utm_protocol (string) | | The protocol of the REST endpoint. |
| utm_token (string, required) | | The token used to authenticate to the REST API. See https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en, Chapter 2.4.2. |
| validate_certs (boolean) | | Whether the REST interface's SSL certificate should be verified or not. |
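Examples
```yaml
# Create or update an LDAP-backed dynamic group.
# The token below is a placeholder; supply the real one from a vaulted variable.
- name: Create UTM aaa_group
  utm_aaa_group:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestAAAGroupEntry
    backend_match: ldap
    dynamic: directory_groups
    # Parameter names as listed in the table above
    ldap_attribute: memberof
    ldap_attribute_value: "cn=groupname,ou=Groups,dc=mydomain,dc=com"
    network: REF_OBJECT_STRING
    state: present

# Delete the group if it exists; only the identifying name is needed.
- name: Remove UTM aaa_group
  utm_aaa_group:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestAAAGroupEntry
    state: absent
```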
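The play below is an added example, not taken from the module's own documentation. It sets the connection parameters once through `module_defaults` so that every task uses HTTPS with certificate verification and a token read from an Ansible Vault variable. The host name, the variable `vault_utm_token`, the group names and the LDAP DN are constructed for illustration, and `https` is assumed as the `utm_protocol` value.

```yaml
# Added example. Constructed values: utm.example.internal, vault_utm_token,
# VPNUsersLDAP, LegacyContractors and the LDAP DN.
- name: Manage Sophos UTM aaa groups
  hosts: localhost
  connection: local
  gather_facts: false
  # Declared once so each task inherits TLS verification and the vaulted token.
  module_defaults:
    utm_aaa_group:
      utm_host: utm.example.internal
      utm_port: 4444
      utm_protocol: https
      validate_certs: true
      # vault_utm_token lives in a vars file encrypted with ansible-vault.
      utm_token: "{{ vault_utm_token }}"
  tasks:
    - name: Ensure the LDAP-backed dynamic group exists
      utm_aaa_group:
        name: VPNUsersLDAP
        comment: Managed by Ansible
        backend_match: ldap
        dynamic: directory_groups
        ldap_attribute: memberof
        ldap_attribute_value: "cn=vpn-users,ou=Groups,dc=example,dc=com"
        state: present
      register: vpn_group

    - name: Ensure the retired group is gone
      utm_aaa_group:
        name: LegacyContractors
        state: absent

    # 'changed' on a scheduled run means the group on the UTM had drifted
    # from this definition and was reset.
    - name: Report whether the group definition drifted
      debug:
        msg: "VPNUsersLDAP was {{ 'updated' if vpn_group is changed else 'already compliant' }}"
```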
Return Values
Common return values are documented here; the following are the fields unique to this module:
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Johannes Brunswicker (@MatrixCrawler)
