infoblox.nios_modules.nios_adminuser module – Configure Infoblox NIOS Adminuser

Note

This module is part of the infoblox.nios_modules collection (version 1.8.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install infoblox.nios_modules. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: infoblox.nios_modules.nios_adminuser.

New in infoblox.nios_modules 1.8.0

Synopsis

  • Adds and/or removes instances of adminuser objects from Infoblox NIOS servers. This module manages NIOS adminuser objects using the Infoblox WAPI interface over REST.

Requirements

The below requirements are needed on the host that executes this module.

  • infoblox-client

Parameters

Parameter

Comments

admin_groups

list / elements=string / required

The names of the Admin Groups to which this Admin User belongs. Currently, this is limited to only one Admin Group.

auth_method

string

Authentication method for the admin user.

Choices:

  • "KEYPAIR" ← (default)

  • "KEYPAIR_PASSWORD"

auth_type

string

Authentication type for the admin user.

Choices:

  • "LOCAL" ← (default)

  • "REMOTE"

  • "SAML"

  • "SAML_LOCAL"

ca_certificate_issuer

string

The CA certificate that is used for user lookup during authentication.

client_certificate_serial_number

string

The serial number of the client certificate.

comment

string

Configures a text string comment to be associated with the instance of this object. The provided text string will be configured on the object instance.

disable

boolean

Determines whether the admin user is disabled or not. When this is set to False, the admin user is enabled.

Choices:

  • false ← (default)

  • true

email

string

Email address of the admin user.

enable_certificate_authentication

boolean

Determines whether the user is allowed to log in only with the certificate. Regular username/password authentication will be disabled for this user.

Choices:

  • false ← (default)

  • true

extattrs

dictionary

Allows for the configuration of Extensible Attributes on the instance of the object. This argument accepts a set of key / value pairs for configuration.

name

string / required

Specifies the adminuser name to add or remove from the system. Users can also update the name as it is possible to pass a dict containing new_name, old_name. See examples.

password

string

The password for the administrator to use when logging in.

provider

dictionary

A dict object containing connection details.

cert

string

Specifies the client certificate file with digest of x509 config for extra layer secure connection the remote instance of NIOS.

Value can also be specified using INFOBLOX_CERT environment variable.

host

string

Specifies the DNS host name or address for connecting to the remote instance of NIOS WAPI over REST

Value can also be specified using INFOBLOX_HOST environment variable.

http_pool_connections

integer

Insert decription here

Default: 10

http_pool_maxsize

integer

Insert description here

Default: 10

http_request_timeout

integer

The amount of time before to wait before receiving a response

Value can also be specified using INFOBLOX_HTTP_REQUEST_TIMEOUT environment variable.

Default: 10

key

string

Specifies private key file for encryption with the certificate in order to connect with remote instance of NIOS.

Value can also be specified using INFOBLOX_KEY environment variable.

max_results

integer

Specifies the maximum number of objects to be returned, if set to a negative number the appliance will return an error when the number of returned objects would exceed the setting.

Value can also be specified using INFOBLOX_MAX_RESULTS environment variable.

Default: 1000

max_retries

integer

Configures the number of attempted retries before the connection is declared usable

Value can also be specified using INFOBLOX_MAX_RETRIES environment variable.

Default: 3

password

string

Specifies the password to use to authenticate the connection to the remote instance of NIOS.

Value can also be specified using INFOBLOX_PASSWORD environment variable.

silent_ssl_warnings

boolean

Insert description here

Choices:

  • false

  • true ← (default)

username

string

Configures the username to use to authenticate the connection to the remote instance of NIOS.

Value can also be specified using INFOBLOX_USERNAME environment variable.

validate_certs

aliases: ssl_verify

boolean

Boolean value to enable or disable verifying SSL certificates

Value can also be specified using INFOBLOX_SSL_VERIFY environment variable.

Choices:

  • false ← (default)

  • true

wapi_version

string

Specifies the version of WAPI to use

Value can also be specified using INFOBLOX_WAPI_VERSION environment variable.

Until ansible 2.8 the default WAPI was 1.4

Default: "2.12.3"

ssh_keys

list / elements=dictionary

List of SSH keys for the admin user.

Default: []

key_name

string

Unique identifier for the key

key_type

string

Type of the SSH key.

Choices:

  • "ECDSA"

  • "ED25519"

  • "RSA"

key_value

string

SSH key text.

state

string

Configures the intended state of the instance of the object on the NIOS server. When this value is set to present, the object is configured on the device and when this value is set to absent the value is removed (if necessary) from the device.

Choices:

  • "present" ← (default)

  • "absent"

time_zone

string

The time zone for this admin user.

Default: "UTC"

use_ssh_keys

boolean

Enable/disable the ssh keypair authentication.

Choices:

  • false ← (default)

  • true

use_time_zone

boolean

Use flag for time_zone.

Choices:

  • false ← (default)

  • true

Notes

Note

  • This module supports check_mode.

  • This module must be run locally, which can be achieved by specifying connection: local.

  • Please read the :ref:`nios_guide` for more detailed information on how to use Infoblox with Ansible.

Examples

- name: Create a new admin user
  infoblox.nios_modules.nios_adminuser:
    name: ansible_user
    admin_groups: admin-group
    password: "secure_password"
    state: present
    provider:
      host: "{{ inventory_hostname_short }}"
      username: admin
      password: admin
  connection: local

- name: Update admin user name
  infoblox.nios_modules.nios_adminuser:
    name: {new_name: new_user, old_name: ansible_user}
    admin_groups: admin-group
    state: present
    provider:
      host: "{{ inventory_hostname_short }}"
      username: admin
      password: admin
  connection: local

- name: Create admin user with remote authentication
  infoblox.nios_modules.nios_adminuser:
    name: remote_admin_user
    admin_groups: admin-group
    auth_type: "REMOTE"
    email: "[email protected]"
    use_time_zone: true
    time_zone: 'US/Hawaii'
    extattrs:
      Site: "USA"
    state: present
    provider:
      host: "{{ inventory_hostname_short }}"
      username: admin
      password: admin
  connection: local

- name: Create admin user with ssh keys
  infoblox.nios_modules.nios_adminuser:
    name: cloud_user
    admin_groups: cloud-api-only
    comment: "Created by Ansible"
    disable : false
    password: "secure_password"
    use_ssh_keys: true
    ssh_keys:
      - key_name: "sshkey1"
        key_type: "RSA"
        key_value: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
      - key_name: "sshkey2"
        key_type: "ECDSA"
        key_value: "{{ lookup('file', '~/.ssh/id_ecdsa.pub') }}"
    state: present
    provider:
      host: "{{ inventory_hostname_short }}"
      username: admin
      password: admin
  connection: local

- name: Update admin user to enable certificate authentication
  infoblox.nios_modules.nios_adminuser:
    name: admin_user
    admin_groups: admin-group
    enable_certificate_authentication: true
    ca_certificate_issuer: 'CN="ib-root-ca"'
    client_certificate_serial_number: "397F9435000100000031"
    state: present
    provider:
      host: "{{ inventory_hostname_short }}"
      username: admin
      password: admin
  connection: local

- name: Remove admin user
  infoblox.nios_modules.nios_adminuser:
    name: new_user
    admin_groups: admin-group
    state: absent
    provider:
      host: "{{ inventory_hostname_short }}"
      username: admin
      password: admin
  connection: local

Authors

  • Nitish K S (@nitish-ks)