Osirium PAM: Profiles

Summary

This module contains actions for reading profile information from PAM.

Supported Versions

This plugin supports PAM versions 6.5.0 & newer.

Remember

You must have a PAM Appliance provisioned as a Vault inside PPA to use this plugin.

Actions

pam.profiles.

display

Display profiles in a table.

The table will have the following columns:

Name
Device Count
User Count
User Group Count

Minimum Plugin Version: 2.0.0

Input

text: the title of the table
profiles: any number of Profiles

Output

Nothing is outputted by this action.

Example

- pam.profiles.get_all:
    pam_address: pam.internal.net
  save: profiles

- pam.profiles.display:
    text: All Profiles
  load:
    profiles: profiles

pam.profiles.

get_all

Get all profiles from the PAM appliance.

Minimum Plugin Version: 1.0.0

Input

pam_address: the IP or DNS address of the PAM Appliance

Output

A list of Profiles.

Example

1
2
3

- pam.profiles.get_all:
    pam_address: pam.internal.net
  save: all_profiles

pam.profiles.

get_by_id

Get a profile using its ID.

Minimum Plugin Version: 1.0.0

Input

pam_address: the IP or DNS address of the PAM Appliance

profile_id: the ID of the profile

Output

A single Profile.

Example

- pam.profiles.get_by_id:
    pam_address: pam.internal.net
    profile_id: 10
  save: profile

pam.profiles.

get_by_name

Get a profile using its name.

Minimum Plugin Version: 1.0.0

Input

pam_address: the IP or DNS address of the PAM Appliance

name: the name of the device

Output

A single Profile.

Example

- pam.profiles.get_by_name:
    pam_address: pam.internal.net
    name: Windows Admins
  save: profile

pam.profiles.

get_devices

Warning

This action is not documented yet!

pam.profiles.

get_user_access

Warning

This action is not documented yet!

pam.profiles.

get_user_group_users

Get all users who have a usergroup membership to the supplied profile.

Minimum Plugin Version: 5.1.0

Input

pam_address: the IP or DNS address of the PAM Appliance

profile_id: the ID of the profile

Output

A list of Users.

Example

- pam.profiles.get_user_group_users:
    pam_address: pam.internal.net
    profile_id: 20
  save: group_users

pam.profiles.

get_user_groups

Get all user groups attached to the profile with the supplied ID.

Minimum Plugin Version: 3.5.0

Input

pam_address: the IP or DNS address of the PAM Appliance

profile_id: the ID of the profile

Output

A list of UserGroups.

Example

- pam.profiles.get_user_groups:
    pam_address: pam.internal.net
    profile_id: 20
  save: user_groups

pam.profiles.

input_table

Display profiles in a table & prompt the task operator to make a selection.

The table will have the following columns:

Name
Device Count
User Count
User Group Count

Deprecation Warning

This action will soon be deprecated in favour of select.

Minimum Plugin Version: 1.0.0

Input

text: The title of the table
profiles: any number of Profiles
minimum: The minimum number of acceptable selections
maximum: The maximum number of acceptable selections

Output

A list of Profiles.

Tip

If neither a minimum or maximum is provided, the task operator will be able to submit 0 selections.
If minimum or maximum are provided, the operation will repeat until the task operator makes a valid number of selections.

Example

- pam.profiles.get_all:
    pam_address: pam.internal.net
  save: all_profiles

- pam.profiles.input_table:
    text: Select a Profile
    minimum: 1
    maximum: 1
  load:
    profiles: all_profiles
  save: selected_profile

pam.profiles.

output_table

Display profiles in a table.

The table will have the following columns:

Name
Device Count
User Count
User Group Count

Deprecation Warning

This action will soon be deprecated in favour of display.

Minimum Plugin Version: 1.0.0

Input

text: the title of the table
profiles: any number of Profiles

Output

Nothing is outputted by this action.

Example

- pam.profiles.get_all:
    pam_address: pam.internal.net
  save: all_profiles

- pam.profiles.output_table:
    text: All Profiles
  load:
    profiles: all_profiles

pam.profiles.

search

Search for profiles in the PAM appliance.

Minimum Plugin Version: 2.0.0

Input

pam_address: the IP or DNS address of the PAM Appliance

queries: a list of Queries to use in the search

Output

A SearchResult containing:

total: the number of Profiles found
all: a list of Profiles found
first: the first Profile found
last: the last Profile found

Search Result Format

The search result format was updated in version 2.0.0 of this plugin.

It is not compatible with playbooks written against previous versions.

See here for more information.

Example

Finding all profiles that contain 1 or more users:

- pam.profiles.search:
    pam_address: pam.internal.net
    queries:
      - attribute: user_count
        query: greater_than
        value: 0
  save: search_results

Wildcard Queries

You can use the % character as a wildcard in the value of each query.

pam.profiles.

select

Display profiles in a table & prompt the task operator to make a selection.

The table will have the following columns:

Name
Device Count
User Count
User Group Count

Minimum Plugin Version: 2.0.0

Input

text: the title of the table
profiles: any number of Profiles
minimum: the minimum number of selections
maximum: the maximum number of selections

Output

A Selection containing:

total: the number of selected Profiles
all: a list of selected Profiles
first: the first selected Profile

Example

- pam.profiles.get_all:
    pam_address: pam.internal.net
  save: profiles

- pam.profiles.select:
    text: Select Profiles
  load:
    profiles: profiles
  save: selection

pam.profiles.

select_one

Display profiles in a table & prompt the task operator to select one.

The table will have the following columns:

Name
Device Count
User Count
User Group Count

Minimum Plugin Version: 2.0.0

Input

text: the title of the table
profiles: any number of Profiles

Output

A single Profile.

Example

- pam.profiles.get_all:
    pam_address: pam.internal.net
  save: profiles

- pam.profiles.select_one:
    text: Select a Profile
  load:
    profiles: profiles
  save: profile