purestorage.flasharray.purefa_saml module – Manage FlashArray SAML2 service and identity providers
Note
This module is part of the purestorage.flasharray collection (version 1.32.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install purestorage.flasharray
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: purestorage.flasharray.purefa_saml
.
New in purestorage.flasharray 1.12.0
Synopsis
Enable or disable FlashArray SAML2 providers
Requirements
The below requirements are needed on the host that executes this module.
python >= 3.3
purestorage >= 1.19
py-pure-client >= 1.26.0
netaddr
requests
pycountry
urllib3
Parameters
Parameter |
Comments |
---|---|
FlashArray API token for admin privileged user. |
|
The URL of the FlashArray |
|
The credential used by the service provider to decrypt encrypted SAML assertions from the identity provider |
|
Disable insecure certificate warnings in debug logs Choices:
|
|
Defines the enabled state of the identity provider Choices:
|
|
If set to true, SAML assertions will be encrypted by the identity provider Choices:
|
|
FlashArray management IPv4 address or Hostname. |
|
The URL of the identity provider metadata |
|
Name of the SAML2 identity provider (IdP) |
|
If set to true, SAML requests will be signed by the service provider. Choices:
|
|
The credential used by the service provider to sign SAML requests |
|
Define whether the API client should exist or not, or test. Choices:
|
|
The URL of the identity provider |
|
The X509 certificate that the service provider uses to verify the SAML response signature from the identity provider |
Notes
Note
This module requires the
purestorage
andpy-pure-client
Python librariesAdditional Python librarues may be required for specific modules.
You must set
PUREFA_URL
andPUREFA_API
environment variables if fa_url and api_token arguments are not passed to the module directly
Examples
- name: Create (disabled) SAML2 SSO with only metadata URL
purestorage.flasharray.purefa_saml:
name: myIDP
array_url: "https://10.10.10.2"
metadata_url: "https://myidp.acme.com/adfs/ls"
x509_cert: "{{lookup('file', 'x509_cert_file') }}"
fa_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
- name: Enable SAML2 SSO
purestorage.flasharray.purefa_saml:
name: myISO
enabled: true
fa_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592
- name: Delete SAML2 SSO
purestorage.flasharray.purefa_saml:
state: absent
name: myIDP
fa_url: 10.10.10.2
api_token: e31060a7-21fc-e277-6240-25983c6c4592