sophos.sophos_firewall.sfos_user module – Manage Users (Configure > Authentication > Users)

Note

This module is part of the sophos.sophos_firewall collection (version 2.0.1).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install sophos.sophos_firewall. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: sophos.sophos_firewall.sfos_user.

New in sophos.sophos_firewall 1.0.0

Synopsis

• Creates, updates or removes Users (Configure > Authentication > Users) on Sophos Firewall

Requirements

The below requirements are needed on the host that executes this module.

• sophosfirewall-python

• Beginning in version 2.0.0, this module requires use of an httpapi connection plugin. See the HTTPAPI example for details.

Parameters

Parameter	Comments
access_time_policy string	Access time policy name. Default: "Allowed all the time"
appliance_login_restriction string	Login restriction for appliance. Default: "AnyNode"
applianceaccess_schedule string	Name of appliance access schedule. Default: "All The Time"
cisco string	Enable/Disable Cisco. Choices: "Enable" "Disable" ← (default)
clientless_policy string	Clientless VPN policy. Default: "No Policy Applied"
description string	User description.
email string	User email address.
group string	Group name.
isencryptcert string	Enable/Disable encrypted cert. Choices: "Enable" "Disable" ← (default)
l2tp string	Enable/Disable l2tp. Choices: "Enable" "Disable" ← (default)
login_restriction string	Login Restriction for user. Default: "UserGroupNode"
mac_binding string	Enable/Disable MAC binding. Choices: "Enable" "Disable" ← (default)
name string	User display name.
pptp string	Enable/Disable pptp. Choices: "Enable" "Disable" ← (default)
profile string	Profile name.
quarantine_digest string	Enable/Disable Quarantine Digest. Choices: "Enable" "Disable" ← (default)
simultaneous_logins string	Enable/Disable simultaneous logins Choices: "Enable" "Disable"
sslvpn_policy string	SSL VPN Policy name. Default: "No Policy Applied"
state string / required	Use query to retrieve, present to create, absent to remove, or updated to modify Choices: "present" "absent" "updated" "query"
surfingquota_policy string	Surfing quota policy name. Default: "Unlimited Internet Access"
user string / required	Username to create, update, or delete.
user_password string	User password.
user_type string	Type of user (Administrator/User). Choices: "Administrator" "User"

Examples

- name: Create User
  sophos.sophos_firewall.sfos_user:
    user: testuser
    name: Test User
    description: Testing user creation from Ansible
    user_password: Sup3rS3cr3tP@ssw0rd
    user_type: User
    group: Open Group
    email: test.user@sophos.com
    state: present

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
api_response dictionary	Serialized object containing the API response. Returned: always

Authors

• Matt Mullen (@mamullen13316)

Collection links

• Issue Tracker
• Repository (Sources)

Warning

If the firewall is a member of a group in Central, the changes made by Ansible will override the settings of the group. The actual configuration on the firewall may then differ from what is displayed for the same setting in the Central group.