community.zabbix.zabbix_mfa module – Create/update/delete Zabbix MFA method
Note
This module is part of the community.zabbix collection (version 3.1.2).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.zabbix
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: community.zabbix.zabbix_mfa
.
New in community.zabbix 3.1.0
Synopsis
This module allows you to create, update and delete Zabbix MFA method.
Requirements
The below requirements are needed on the host that executes this module.
python >= 3.11
Parameters
Parameter |
Comments |
---|---|
API hostname provided by the Duo authentication service. Required when |
|
Client secret provided by the Duo authentication service. Required when |
|
Client ID provided by the Duo authentication service. Required when |
|
Verification code length. Required when Choices:
|
|
Type of the hash function for generating TOTP codes. Required when Choices:
|
|
Basic Auth password |
|
Basic Auth login |
|
A type of this MFA method Choices:
|
|
Name of this MFA method |
|
State of this MFA. Choices:
|
Notes
Note
Only Zabbix >= 7.0 is supported.
This module returns changed=true when method_type is
duo_universal_prompt
as Zabbix API will not return any sensitive information back for module to compare.
Examples
# If you want to use Username and Password to be authenticated by Zabbix Server
- name: Set credentials to access Zabbix Server API
ansible.builtin.set_fact:
ansible_user: Admin
ansible_httpapi_pass: zabbix
# If you want to use API token to be authenticated by Zabbix Server
# https://www.zabbix.com/documentation/current/en/manual/web_interface/frontend_sections/administration/general#api-tokens
- name: Set API token
ansible.builtin.set_fact:
ansible_zabbix_auth_key: 8ec0d52432c15c91fcafe9888500cf9a607f44091ab554dbee860f6b44fac895
- name: Create a 'Zabbix TOTP' MFA method
# set task level variables as we change ansible_connection plugin here
vars:
ansible_network_os: community.zabbix.zabbix
ansible_connection: httpapi
ansible_httpapi_port: 443
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_zabbix_url_path: 'zabbixeu' # If Zabbix WebUI runs on non-default (zabbix) path ,e.g. http://<FQDN>/zabbixeu
ansible_host: zabbix-example-fqdn.org
community.zabbix.zabbix_mfa:
name: Zabbix TOTP
method_type: totp
hash_function: sha-1
code_length: 6
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
The result of the creating operation Returned: success Sample: |