panos_userid – Allow for registration and de-registration of userid

New in version 2.6.

Synopsis

  • Userid allows for user to IP mapping that can be used in the policy rules.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter Choices/Defaults Comments
api_key
string
Deprecated
Use provider to specify PAN-OS connectivity instead.

The API key to use instead of generating it using username / password.
ip_address
string
Deprecated
Use provider to specify PAN-OS connectivity instead.

The IP address or hostname of the PAN-OS device being configured.
operation
-
Removed
Use state instead.
password
string
Deprecated
Use provider to specify PAN-OS connectivity instead.

The password to use for authentication. This is ignored if api_key is specified.
port
integer
Default:
443
Deprecated
Use provider to specify PAN-OS connectivity instead.

The port number to connect to the PAN-OS device on.
provider
-
added in 2.8
A dict object containing connection details.
api_key
string
The API key to use instead of generating it using username / password.
ip_address
string
The IP address or hostname of the PAN-OS device being configured.
password
string
The password to use for authentication. This is ignored if api_key is specified.
port
integer
Default:
443
The port number to connect to the PAN-OS device on.
serial_number
string
The serial number of a firewall to use for targeted commands. If ip_address is not a Panorama PAN-OS device, then this param is ignored.
username
string
Default:
admin
The username to use for authentication. This is ignored if api_key is specified.
register_ip
- / required
IP of the user's machine that needs to be registered with userid.
state
string
    Choices:
  • present ←
  • absent
The state.
userid
- / required
User UPN
username
string
Default:
admin
Deprecated
Use provider to specify PAN-OS connectivity instead.

The username to use for authentication. This is ignored if api_key is specified.

Notes

Note

  • Checkmode is not supported.

  • Panorama is not supported.

  • This operation is runtime and does not require explicit commit of the firewall configuration.

  • PAN-OS connectivity should be specified using provider or the classic PAN-OS connectivity params (ip_address, username, password, api_key, and port). If both are present, then the classic params are ignored.

Examples

- name: Register user ivanb to 10.0.1.101
  panos_userid:
    provider: '{{ provider }}'
    userid: 'ACMECORP\ivanb'
    register_ip: '10.0.1.101'

Status

Authors

  • Ivan Bojer (@ivanbojer)