sophos.sophos_firewall.sfos_admin_settings module – Manage Admin and user settings (System > Administration)
Note
This module is part of the sophos.sophos_firewall collection (version 2.0.1).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install sophos.sophos_firewall.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: sophos.sophos_firewall.sfos_admin_settings.
New in sophos.sophos_firewall 1.0.0
Synopsis
Manage settings under System > Administration > Admin and user settings on Sophos Firewall
Requirements
The below requirements are needed on the host that executes this module.
sophosfirewall-python
Beginning in version 2.0.0, this module requires use of an httpapi connection plugin. See the HTTPAPI example for details.
Parameters
Parameter |
Comments |
|---|---|
Hostname settings. |
|
Description field in the hostname settings |
|
Hostname of the firewall |
|
Enable/Disable the login disclaimer Choices:
|
|
Login security settings |
|
Enable to block Admin login after configured number of failed attempts within configured time span. Choices:
|
|
Time span within which if Admin Login attempts exceed configured Unsuccessful Attempts, then Admin Login gets blocked. (1-120 seconds). |
|
Enable to logout Admin Session after configured timeout. Specify number of minutes to enable (1-120) |
|
Time interval for which Admin Login is blocked (1-60 minutes) |
|
Number of unsuccessful attempts |
|
Password complexity settings |
|
Enable/Disable complexity check Choices:
|
|
Enable/Disable enforcement of minimum password length Choices:
|
|
Enable/Disable special character requirement Choices:
|
|
Enable/Disable special character requirement Choices:
|
|
Enable/Disable special character requirement Choices:
|
|
Minimum password length |
|
Use Choices:
|
|
Web admin settings |
|
Certificate used for the admin interface |
|
HTTPS port for the administrative interface |
|
Custom portal hostname |
|
Redirect mode Choices:
|
|
HTTPS port for the user portal |
|
HTTPS port for the VPN portal |
Examples
- name: Update hostname settings
sophos.sophos_firewall.sfos_admin_settings:
hostname_settings:
hostname: sophos-firewall-dev1
description: Automation Testing 1
state: updated
- name: Update webadmin settings
sophos.sophos_firewall.sfos_admin_settings:
webadmin_settings:
vpnportal_https_port: 444
userportal_https_port: 4445
state: updated
- name: Update loginsecurity settings
sophos.sophos_firewall.sfos_admin_settings:
login_security:
logout_session: 120
block_login: Enable
unsuccessful_attempt: 3
duration: 30
minutes: 1
state: updated
- name: Update administrator password complexity settings
sophos.sophos_firewall.sfos_admin_settings:
password_complexity:
complexity_check: Enable
enforce_min_length: Enable
include_alpha: Enable
include_numeric: Enable
include_special: Enable
min_length: 10
state: updated
- name: Update login disclaimer
sophos.sophos_firewall.sfos_admin_settings:
login_disclaimer: Enable
state: updated
- name: Query admin settings
sophos.sophos_firewall.sfos_admin_settings:
state: query
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
Serialized object containing the API response. Returned: always |
Collection links
Warning
If the firewall is a member of a group in Central, the changes made by Ansible will override the settings of the group. The actual configuration on the firewall may then differ from what is displayed for the same setting in the Central group.