junipernetworks.junos.junos_user module – Manage local user accounts on Juniper JUNOS devices
Note
This module is part of the junipernetworks.junos collection (version 2.10.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install junipernetworks.junos
.
To use it in a playbook, specify: junipernetworks.junos.junos_user
.
New in version 1.0.0: of junipernetworks.junos
Synopsis
This module manages locally configured user accounts on remote network devices running the JUNOS operating system. It provides a set of arguments for creating, removing and updating locally defined accounts
Note
This module has a corresponding action plugin.
Requirements
The below requirements are needed on the host that executes this module.
ncclient (>=v0.5.2)
Parameters
Parameter |
Comments |
---|---|
Specifies whether or not the configuration is active or deactivated Choices:
|
|
The |
|
Specifies whether or not the configuration is active or deactivated Choices:
|
|
The |
|
The |
|
The |
|
The Choices:
|
|
The Choices:
|
|
The |
|
The Choices:
|
|
The |
|
The |
|
The |
|
Deprecated Starting with Ansible 2.5 we recommend using For more information please see the Junos OS Platform Options guide. A dict object containing connection details. |
|
Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport. |
|
Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable |
|
Specifies the port to use when building the connection to the remote device. The port value will default to the well known SSH port of 22 (for |
|
Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable |
|
Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error. |
|
Configures the transport connection to use when connecting to the remote device. Choices:
|
|
Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable |
|
The Choices:
|
|
The Choices:
|
|
The |
|
The Choices:
|
Notes
Note
This module requires the netconf system service be enabled on the remote device being managed.
Tested against vSRX JUNOS version 15.1X49-D15.4, vqfx-10000 JUNOS Version 15.1X53-D60.4.
Recommended connection is
netconf
. See the Junos OS Platform Options.This module also works with
local
connections for legacy playbooks.For information on using CLI and netconf see the Junos OS Platform Options guide
For more information on using Ansible to manage network devices see the Ansible Network Guide
For more information on using Ansible to manage Juniper network devices see https://www.ansible.com/ansible-juniper.
Examples
- name: create new user account
junipernetworks.junos.junos_user:
name: ansible
role: super-user
sshkey: "{{ lookup('file', '~/.ssh/ansible.pub') }}"
state: present
- name: remove a user account
junipernetworks.junos.junos_user:
name: ansible
state: absent
- name: remove all user accounts except ansible
junipernetworks.junos.junos_user:
aggregate:
- name: ansible
purge: yes
- name: set user password
junipernetworks.junos.junos_user:
name: ansible
role: super-user
encrypted_password: "{{ 'my-password' | password_hash('sha512') }}"
state: present
- name: Create list of users
junipernetworks.junos.junos_user:
aggregate:
- {name: test_user1, full_name: test_user2, role: operator, state: present}
- {name: test_user2, full_name: test_user2, role: read-only, state: present}
- name: Delete list of users
junipernetworks.junos.junos_user:
aggregate:
- {name: test_user1, full_name: test_user2, role: operator, state: absent}
- {name: test_user2, full_name: test_user2, role: read-only, state: absent}
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
Configuration difference before and after applying change. Returned: when configuration is changed and diff option is enabled. Sample: “[edit system login] + user test-user { + uid 2005; + class read-only; + }\n” |
Authors
Peter Sprygada (@privateip)