community.general.utm_proxy_auth_profile – create, update or destroy reverse_proxy auth_profile entry in Sophos UTM
Note
This plugin is part of the community.general collection (version 3.8.1).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install community.general.
To use it in a playbook, specify: community.general.utm_proxy_auth_profile.
Synopsis
- Create, update or destroy a reverse_proxy auth_profile entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| aaa
list / elements=string / required
|
List of references to utm_aaa objects (allowed users or groups)
|
|
| backend_mode
string
|
|
Specifies if the backend server needs authentication ([Basic|None])
|
| backend_strip_basic_auth
boolean
|
|
Should the login data be stripped when proxying the request to the backend host
|
| backend_user_prefix
string
|
Default:
""
|
Prefix string to prepend to the username for backend authentication
|
| backend_user_suffix
string
|
Default:
""
|
Suffix string to append to the username for backend authentication
|
| basic_prompt
string / required
|
The message in the basic authentication prompt
|
|
| comment
string
|
Default:
""
|
Optional comment string
|
| frontend_cookie
string
|
Frontend cookie name
|
|
| frontend_cookie_secret
string
|
Frontend cookie secret
|
|
| frontend_form
string
|
Frontend authentication form name
|
|
| frontend_form_template
string
|
Default:
""
|
Frontend authentication form template
|
| frontend_login
string
|
Frontend login name
|
|
| frontend_logout
string
|
Frontend logout name
|
|
| frontend_mode
string
|
|
Frontend authentication mode (Form|Basic)
|
| frontend_realm
string
|
Frontend authentication realm
|
|
| frontend_session_allow_persistency
boolean
|
|
Allow session persistency
|
| frontend_session_lifetime
integer / required
|
session lifetime
|
|
| frontend_session_lifetime_limited
boolean
|
|
Specifies if limitation of session lifetime is active
|
| frontend_session_lifetime_scope
string
|
|
scope for frontend_session_lifetime (days|hours|minutes)
|
| frontend_session_timeout
integer / required
|
session timeout
|
|
| frontend_session_timeout_enabled
boolean
|
|
Specifies if session timeout is active
|
| frontend_session_timeout_scope
string
|
|
scope for frontend_session_timeout (days|hours|minutes)
|
| headers
dictionary
|
A dictionary of additional headers to be sent to POST and PUT requests.
Is needed for some modules
|
|
| logout_delegation_urls
list / elements=string
|
Default:
[]
|
List of logout URLs that logouts are delegated to
|
| logout_mode
string
|
|
Mode of logout (None|Delegation)
|
| name
string / required
|
The name of the object. Will be used to identify the entry
|
|
| redirect_to_requested_url
boolean
|
|
Should a redirect to the requested URL be made
|
| state
string
|
|
The desired state of the object.
present will create or update an object
absent will delete an object if it was present
|
| utm_host
string / required
|
The REST Endpoint of the Sophos UTM.
|
|
| utm_port
integer
|
Default:
4444
|
The port of the REST interface.
|
| utm_protocol
string
|
|
The protocol of the REST Endpoint.
|
| utm_token
string / required
|
The token used to identify at the REST-API. See https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en, Chapter 2.4.2.
|
|
| validate_certs
boolean
|
|
Whether the REST interface's ssl certificate should be verified or not.
|
Examples
- name: Create UTM proxy_auth_profile
community.general.utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
aaa: [REF_OBJECT_STRING,REF_ANOTHEROBJECT_STRING]
basic_prompt: "Authentication required: Please login"
frontend_session_lifetime: 1
frontend_session_timeout: 1
state: present
- name: Remove UTM proxy_auth_profile
community.general.utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
state: absent
- name: Read UTM proxy_auth_profile
community.general.utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
state: info
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | |
|---|---|---|---|
| result
complex
|
success |
The utm object that was created
|
|
| _locked
boolean
|
success |
Whether or not the object is currently locked
|
|
| _ref
string
|
success |
The reference name of the object
|
|
| _type
string
|
success |
The type of the object
|
|
| aaa
list / elements=string
|
success |
List of references to utm_aaa objects (allowed users or groups)
|
|
| backend_mode
string
|
success |
Specifies if the backend server needs authentication ([Basic|None])
|
|
| backend_strip_basic_auth
boolean
|
success |
Should the login data be stripped when proxying the request to the backend host
|
|
| backend_user_prefix
string
|
success |
Prefix string to prepend to the username for backend authentication
|
|
| backend_user_suffix
string
|
success |
Suffix string to append to the username for backend authentication
|
|
| basic_prompt
string
|
success |
The message in the basic authentication prompt
|
|
| comment
string
|
success |
Optional comment string
|
|
| frontend_cookie
string
|
success |
Frontend cookie name
|
|
| frontend_form
string
|
success |
Frontend authentication form name
|
|
| frontend_form_template
string
|
success |
Frontend authentication form template
|
|
| frontend_login
string
|
success |
Frontend login name
|
|
| frontend_logout
string
|
success |
Frontend logout name
|
|
| frontend_mode
string
|
success |
Frontend authentication mode (Form|Basic)
|
|
| frontend_realm
string
|
success |
Frontend authentication realm
|
|
| frontend_session_allow_persistency
boolean
|
success |
Allow session persistency
|
|
| frontend_session_lifetime
integer
|
success |
session lifetime
|
|
| frontend_session_lifetime_limited
boolean
|
success |
Specifies if limitation of session lifetime is active
|
|
| frontend_session_lifetime_scope
string
|
success |
scope for frontend_session_lifetime (days|hours|minutes)
|
|
| frontend_session_timeout
integer
|
success |
session timeout
|
|
| frontend_session_timeout_enabled
boolean
|
success |
Specifies if session timeout is active
|
|
| frontend_session_timeout_scope
string
|
success |
scope for frontend_session_timeout (days|hours|minutes)
|
|
| logout_delegation_urls
list / elements=string
|
success |
List of logout URLs that logouts are delegated to
|
|
| logout_mode
string
|
success |
Mode of logout (None|Delegation)
|
|
| name
string
|
success |
The name of the object
|
|
| redirect_to_requested_url
boolean
|
success |
Should a redirect to the requested URL be made
|
|
Authors
- Stephan Schwarz (@stearz)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/general/utm_proxy_auth_profile_module.html