avi_authprofile - Module for setup of AuthProfile Avi RESTful Object

New in version 2.4.

Synopsis

Requirements

The below requirements are needed on the host that executes this module.

  • avisdk

Parameters

Parameter Choices/Defaults Comments
api_context
(added in 2.5)
Avi API context that includes current session ID and CSRF Token.
This allows user to perform single login and re-use the session.
api_version Default:
16.4.4
Avi API version of to use for Avi API and objects.
avi_api_patch_op
(added in 2.5)
    Choices:
  • add
  • replace
  • delete
Patch operation to use when using avi_api_update_method as patch.
avi_api_update_method
(added in 2.5)
    Choices:
  • put ←
  • patch
Default method for object update is HTTP PUT.
Setting to patch will override that behavior to use HTTP PATCH.
avi_credentials
(added in 2.5)
Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
controller Default:
IP address or hostname of the controller. The default value is the environment variable AVI_CONTROLLER.
description
User defined description for the object.
http
Http user authentication params.
ldap
Ldap server and directory settings.
name
required
Name of the auth profile.
password Default:
Password of Avi user in Avi controller. The default value is the environment variable AVI_PASSWORD.
saml
(added in 2.5)
Saml settings.
Field introduced in 17.2.3.
state
    Choices:
  • absent
  • present ←
The state that should be applied on the entity.
tacacs_plus
Tacacs+ settings.
tenant Default:
admin
Name of tenant used for all Avi API calls and context of object.
tenant_ref
It is a reference to an object of type tenant.
tenant_uuid Default:
UUID of tenant used for all Avi API calls and context of object.
type
required
Type of the auth profile.
Enum options - AUTH_PROFILE_LDAP, AUTH_PROFILE_TACACS_PLUS, AUTH_PROFILE_SAML.
url
Avi controller URL of the object.
username Default:
Username used for accessing Avi controller. The default value is the environment variable AVI_USERNAME.
uuid
Uuid of the auth profile.

Notes

Note

Examples

- name: Create user authorization profile based on the LDAP
  avi_authprofile:
    controller: '{{ controller }}'
    password: '{{ password }}'
    username: '{{ username }}'
    http:
      cache_expiration_time: 5
      group_member_is_full_dn: false
    ldap:
      base_dn: dc=avi,dc=local
      bind_as_administrator: true
      port: 389
      security_mode: AUTH_LDAP_SECURE_NONE
      server:
      - 10.10.0.100
      settings:
        admin_bind_dn: [email protected]
        group_filter: (objectClass=*)
        group_member_attribute: member
        group_member_is_full_dn: true
        group_search_dn: dc=avi,dc=local
        group_search_scope: AUTH_LDAP_SCOPE_SUBTREE
        ignore_referrals: true
        password: password
        user_id_attribute: samAccountname
        user_search_dn: dc=avi,dc=local
        user_search_scope: AUTH_LDAP_SCOPE_ONE
    name: ProdAuth
    tenant_ref: admin
    type: AUTH_PROFILE_LDAP

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
obj
dict
success, changed
AuthProfile (api/authprofile) object



Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance

This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Community, see here.

Author

Hint

If you notice any issues in this documentation you can edit this document to improve it.