a10_aam_authorization_policy
Synopsis
Authorization-policy configuration
Parameters
Parameters |
Choices/Defaults |
Comment |
|
|---|---|---|---|
state str/required |
[‘noop’, ‘present’, ‘absent’] |
State of the object to be created. |
|
ansible_host str/required |
Host for AXAPI authentication |
||
ansible_username str/required |
Username for AXAPI authentication |
||
ansible_password str/required |
Password for AXAPI authentication |
||
ansible_port int/required |
Port for AXAPI authentication |
||
a10_device_context_id int |
[‘1-8’] |
Device ID for aVCS configuration |
|
a10_partition str |
Destination/target partition for object/command |
||
name str/required |
Specify authorization policy name |
||
attribute_rule str |
Define attribute rule for authorization policy |
||
server str |
Specify a LDAP or RADIUS server for authorization (Specify a LDAP or RADIUS server name) |
||
service_group str |
Specify an authentication service group for authorization (Specify authentication service group name) |
||
jwt_authorization str |
Specify JWT authorization template (Specify JWT authorization template name) |
||
extended_filter str |
Extended search filter. EX= Check whether user belongs to a nested group. (memberOf=1.2.840.113556.1.4.1941==$GROUP-DN) |
||
forward_policy_authorize_only bool |
This policy only provides server info for forward policy feature |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
attribute_list list |
Field attribute_list |
||
attr_num int |
Set attribute ID for authorization policy |
||
attribute_name str |
Specify attribute name |
||
any bool |
Matched when attribute is present (with any value). |
||
attr_type bool |
Specify attribute type |
||
string_type bool |
Attribute type is string |
||
integer_type bool |
Attribute type is integer |
||
ip_type bool |
IP address is transformed into network byte order |
||
number_type bool |
Attribute type is decimal number |
||
attr_str str |
‘match’= Operation type is match; ‘sub-string’= Operation type is sub-string; |
||
attr_str_val str |
Set attribute value |
||
attr_int str |
‘equal’= Operation type is equal; ‘not-equal’= Operation type is not equal; ‘less-than’= Operation type is less-than; ‘more-than’= Operation type is more- than; ‘less-than-equal-to’= Operation type is less-than-equal-to; ‘more-than- equal-to’= Operation type is more-thatn-equal-to; |
||
attr_int_val int |
Set attribute value |
||
attr_ip str |
‘equal’= Operation type is equal; ‘not-equal’= Operation type is not-equal; |
||
attr_ipv4 str |
IPv4 address |
||
attr_number str |
‘equal’= Operation type is equal; ‘not-equal’= Operation type is not equal; ‘less-than’= Operation type is less-than; ‘more-than’= Operation type is more- than; ‘less-than-equal-to’= Operation type is less-than-equal-to; ‘more-than- equal-to’= Operation type is more-thatn-equal-to; |
||
attr_number_val str |
Set attribute value |
||
A10_AX_AUTH_URI bool |
Custom-defined attribute |
||
custom_attr_type bool |
Specify attribute type |
||
custom_attr_str str |
‘match’= Operation type is match; ‘sub-string’= Operation type is sub-string; |
||
a10_dynamic_defined bool |
The value of this attribute will depend on AX configuration instead of user configuration |
||
uuid str |
uuid of the object |
||
jwt_claim_map_list list |
Field jwt_claim_map_list |
||
attr_num int |
Spcify attribute ID for claim mapping |
||
claim str |
Specify JWT claim name to map to. |
||
ntype bool |
Specify claim type |
||
string_type bool |
Claim type is string |
||
number_type bool |
Claim type is number |
||
boolean_type bool |
Claim type is boolean |
||
str_val str |
Specify JWT claim value. |
||
num_val int |
Specify JWT claim value. |
||
bool_val str |
‘true’= True; ‘false’= False; |
||
uuid str |
uuid of the object |
||
Examples
Return Values
- modified_values (changed, dict, )
Values modified (or potential changes if using check_mode) as a result of task operation
- axapi_calls (always, list, )
Sequential list of AXAPI calls made by the task
- endpoint (, str, [‘/axapi/v3/slb/virtual_server’, ‘/axapi/v3/file/ssl-cert’])
The AXAPI endpoint being accessed.
- http_method (, str, [‘POST’, ‘GET’])
HTTP method being used by the primary task to interact with the AXAPI endpoint.
- request_body (, complex, )
Params used to query the AXAPI
- response_body (, complex, )
Response from the AXAPI
Status
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by community.
Authors
A10 Networks