community.general.utm_proxy_auth_profile – create, update or destroy reverse_proxy auth_profile entry in Sophos UTM
Note
This plugin is part of the community.general collection (version 3.8.3).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.utm_proxy_auth_profile
.
Synopsis
Create, update or destroy a reverse_proxy auth_profile entry in SOPHOS UTM.
This module needs to have the REST Ability of the UTM to be activated.
Parameters
Parameter |
Comments |
---|---|
List of references to utm_aaa objects (allowed users or groups) |
|
Specifies if the backend server needs authentication ([Basic|None]) Choices:
|
|
Should the login data be stripped when proxying the request to the backend host Choices:
|
|
Prefix string to prepend to the username for backend authentication Default: “” |
|
Suffix string to append to the username for backend authentication Default: “” |
|
The message in the basic authentication prompt |
|
Optional comment string Default: “” |
|
Frontend cookie name |
|
Frontend cookie secret |
|
Frontend authentication form name |
|
Frontend authentication form template Default: “” |
|
Frontend login name |
|
Frontend logout name |
|
Frontend authentication mode (Form|Basic) Choices:
|
|
Frontend authentication realm |
|
Allow session persistency Choices:
|
|
session lifetime |
|
Specifies if limitation of session lifetime is active Choices:
|
|
scope for frontend_session_lifetime (days|hours|minutes) Choices:
|
|
session timeout |
|
Specifies if session timeout is active Choices:
|
|
scope for frontend_session_timeout (days|hours|minutes) Choices:
|
|
A dictionary of additional headers to be sent to POST and PUT requests. Is needed for some modules |
|
List of logout URLs that logouts are delegated to Default: [] |
|
Mode of logout (None|Delegation) Choices:
|
|
The name of the object. Will be used to identify the entry |
|
Should a redirect to the requested URL be made Choices:
|
|
The desired state of the object.
Choices:
|
|
The REST Endpoint of the Sophos UTM. |
|
The port of the REST interface. Default: 4444 |
|
The protocol of the REST Endpoint. Choices:
|
|
The token used to identify at the REST-API. See https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la%3Den, Chapter 2.4.2. |
|
Whether the REST interface’s ssl certificate should be verified or not. Choices:
|
Examples
- name: Create UTM proxy_auth_profile
community.general.utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
aaa: [REF_OBJECT_STRING,REF_ANOTHEROBJECT_STRING]
basic_prompt: "Authentication required: Please login"
frontend_session_lifetime: 1
frontend_session_timeout: 1
state: present
- name: Remove UTM proxy_auth_profile
community.general.utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
state: absent
- name: Read UTM proxy_auth_profile
community.general.utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
state: info
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
The utm object that was created Returned: success |
|
Whether or not the object is currently locked Returned: success |
|
The reference name of the object Returned: success |
|
The type of the object Returned: success |
|
List of references to utm_aaa objects (allowed users or groups) Returned: success |
|
Specifies if the backend server needs authentication ([Basic|None]) Returned: success |
|
Should the login data be stripped when proxying the request to the backend host Returned: success |
|
Prefix string to prepend to the username for backend authentication Returned: success |
|
Suffix string to append to the username for backend authentication Returned: success |
|
The message in the basic authentication prompt Returned: success |
|
Optional comment string Returned: success |
|
Frontend cookie name Returned: success |
|
Frontend authentication form name Returned: success |
|
Frontend authentication form template Returned: success |
|
Frontend login name Returned: success |
|
Frontend logout name Returned: success |
|
Frontend authentication mode (Form|Basic) Returned: success |
|
Frontend authentication realm Returned: success |
|
Allow session persistency Returned: success |
|
session lifetime Returned: success |
|
Specifies if limitation of session lifetime is active Returned: success |
|
scope for frontend_session_lifetime (days|hours|minutes) Returned: success |
|
session timeout Returned: success |
|
Specifies if session timeout is active Returned: success |
|
scope for frontend_session_timeout (days|hours|minutes) Returned: success |
|
List of logout URLs that logouts are delegated to Returned: success |
|
Mode of logout (None|Delegation) Returned: success |
|
The name of the object Returned: success |
|
Should a redirect to the requested URL be made Returned: success |
Authors
Stephan Schwarz (@stearz)