utm_proxy_auth_profile – create, update or destroy reverse_proxy auth_profile entry in Sophos UTM¶
New in version 2.8.
Synopsis¶
- Create, update or destroy a reverse_proxy auth_profile entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
Parameters¶
| Parameter | Choices/Defaults | Comments | 
|---|---|---|
| aaa 
                    -
                                             / required                     | List of references to utm_aaa objects (allowed users or groups) | |
| backend_mode 
                    -
                                                                 | 
 | Specifies if the backend server needs authentication ([Basic|None]) | 
| backend_strip_basic_auth 
                    boolean
                                                                 | 
 | Should the login data be stripped when proxying the request to the backend host | 
| backend_user_prefix 
                    -
                                                                 | Default: "" | Prefix string to prepend to the username for backend authentication | 
| backend_user_suffix 
                    -
                                                                 | Default: "" | Suffix string to append to the username for backend authentication | 
| basic_prompt 
                    -
                                             / required                     | The message in the basic authentication prompt | |
| comment 
                    -
                                                                 | Default: "" | Optional comment string | 
| frontend_cookie 
                    -
                                                                 | Frontend cookie name | |
| frontend_cookie_secret 
                    -
                                                                 | Frontend cookie secret | |
| frontend_form 
                    -
                                                                 | Frontend authentication form name | |
| frontend_form_template 
                    -
                                                                 | Default: "" | Frontend authentication form template | 
| frontend_login 
                    -
                                                                 | Frontend login name | |
| frontend_logout 
                    -
                                                                 | Frontend logout name | |
| frontend_mode 
                    -
                                                                 | 
 | Frontend authentication mode (Form|Basic) | 
| frontend_realm 
                    -
                                                                 | Frontend authentication realm | |
| frontend_session_allow_persistency 
                    boolean
                                                                 | 
 | Allow session persistency | 
| frontend_session_lifetime 
                    -
                                             / required                     | session lifetime | |
| frontend_session_lifetime_limited 
                    boolean
                                                                 | 
 | Specifies if limitation of session lifetime is active | 
| frontend_session_lifetime_scope 
                    -
                                                                 | 
 | scope for frontend_session_lifetime (days|hours|minutes) | 
| frontend_session_timeout 
                    -
                                             / required                     | session timeout | |
| frontend_session_timeout_enabled 
                    boolean
                                                                 | 
 | Specifies if session timeout is active | 
| frontend_session_timeout_scope 
                    -
                                                                 | 
 | scope for frontend_session_timeout (days|hours|minutes) | 
| headers 
                    dictionary
                                                                 | A dictionary of additional headers to be sent to POST and PUT requests. Is needed for some modules | |
| logout_delegation_urls 
                    -
                                                                 | Default: [] | List of logout URLs that logouts are delegated to | 
| logout_mode 
                    -
                                                                 | 
 | Mode of logout (None|Delegation) | 
| name 
                    -
                                             / required                     | The name of the object. Will be used to identify the entry | |
| redirect_to_requested_url 
                    boolean
                                                                 | 
 | Should a redirect to the requested URL be made | 
| state 
                    string
                                                                 | 
 | The desired state of the object. presentwill create or update an objectabsentwill delete an object if it was present | 
| utm_host 
                    string
                                             / required                     | The REST Endpoint of the Sophos UTM. | |
| utm_port 
                    integer
                                                                 | Default: 4444 | The port of the REST interface. | 
| utm_protocol 
                    string
                                                                 | 
 | The protocol of the REST Endpoint. | 
| utm_token 
                    string
                                             / required                     | The token used to identify at the REST-API. See https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en, Chapter 2.4.2. | |
| validate_certs 
                    boolean
                                                                 | 
 | Whether the REST interface's ssl certificate should be verified or not. | 
Examples¶
- name: Create UTM proxy_auth_profile
  utm_proxy_auth_profile:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestAuthProfileEntry
    aaa: [REF_OBJECT_STRING,REF_ANOTHEROBJECT_STRING]
    basic_prompt: "Authentication required: Please login"
    frontend_session_lifetime: 1
    frontend_session_timeout: 1
    state: present
- name: Remove UTM proxy_auth_profile
  utm_proxy_auth_profile:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestAuthProfileEntry
    state: absent
- name: Read UTM proxy_auth_profile
  utm_proxy_auth_profile:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestAuthProfileEntry
    state: info
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Status¶
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors¶
- Stephan Schwarz (@stearz)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
