Osirium PAM: Users
Summary
This module contains actions for reading user information from PAM.
Supported Versions
This plugin supports PAM versions 6.5.0 & newer.
Remember
You must have a PAM Appliance provisioned as a Vault inside PPA to use this plugin.
Actions
pam.users.
display
Display users in a table.
The table will have the following columns:
- Name
- Username
- Email Address
- Authentication Type
- Enabled
- Expires At
Minimum Plugin Version: 2.0.0
Input
-
text: the title of the table
-
users: any number of Users
Output
Nothing is outputted by this action.
Example
1 2 3 4 5 6 7 8 |
|
pam.users.
get_all
Get all users from the PAM appliance.
Minimum Plugin Version: 1.0.0
Input
pam_address: the IP or DNS address of the PAM Appliance
Output
A list of Users.
Example
1 2 3 |
|
pam.users.
get_all_profiles
Get all profiles the supplied user is assigned to.
Minimum Plugin Version: 1.0.0
Input
pam_address: the IP or DNS address of the PAM Appliance
user_id: the ID of the user
Output
A list of Profiles.
Example
1 2 3 4 |
|
pam.users.
get_by_id
Get a user using its ID.
Minimum Plugin Version: 1.0.0
Input
pam_address: the IP or DNS address of the PAM Appliance
user_id: the ID of the user
Output
A single User.
Example
1 2 3 4 |
|
pam.users.
get_by_username
Get a user using its username.
Minimum Plugin Version: 1.0.0
Input
pam_address: the IP or DNS address of the PAM Appliance
username: the user's username
Output
A single User.
Example
1 2 3 4 |
|
pam.users.
get_devices
Get all devices the supplied user has access to.
Minimum Plugin Version: 1.0.0
Input
pam_address: the IP or DNS address of the PAM Appliance
user_id: the ID of the user
Output
A list of Devices.
Example
1 2 3 4 |
|
pam.users.
get_direct_profiles
Get all profiles the supplied user is directly assigned to.
Minimum Plugin Version: 1.0.0
Input
pam_address: the IP or DNS address of the PAM Appliance
user_id: the ID of the user
Output
A list of Profiles.
Example
1 2 3 4 |
|
pam.users.
get_user_group_profiles
Get all profiles the supplied user is assigned to via a user group.
Minimum Plugin Version: 1.0.0
Input
pam_address: the IP or DNS address of the PAM Appliance
user_id: the ID of the user
Output
A list of Profiles.
Example
1 2 3 4 |
|
pam.users.
get_user_groups
Get all user groups the supplied user is assigned to.
Minimum Plugin Version: 1.0.0
Input
pam_address: the IP or DNS address of the PAM Appliance
user_id: the ID of the user
Output
A list of UserGroups.
Example
1 2 3 4 |
|
pam.users.
in_profile
Determine if the supplied user is in a particular profile.
Minimum Plugin Version: 1.0.0
Input
pam_address: the IP or DNS address of the PAM Appliance
user_id: the ID of the user
profile_id: the ID of the profile to check
Output
A boolean is outputted by this action:
-
true
if the supplied user group is in the profile -
false
if the supplied user group is not in the group
Example
1 2 3 4 5 |
|
pam.users.
in_user_group
Determine if the supplied user is in a particular user group.
Minimum Plugin Version: 3.4.0
Input
pam_address: the IP or DNS address of the PAM Appliance
user_id: the ID of the user
user_group_id: the ID of the user group to check
Output
A boolean is outputted by this action:
-
true
if the supplied user is in the user group -
false
if the supplied user is not in the user group
Example
1 2 3 4 5 |
|
pam.users.
input_table
Display users in a table, & allow the task operator to make a selection.
The table will have the following columns:
- Name
- Username
- Email Address
- Authentication Type
- Enabled
- Expires At
Deprecation Warning
This action will soon be deprecated in favour of select.
Minimum Plugin Version: 1.0.0
Input
-
text: The title of the table
-
users: a single or list of Users to display in the table
-
minimum: The minimum number of acceptable selections
-
maximum: The maximum number of acceptable selections
Output
A list of Users.
Tip
-
If neither a minimum or maximum is provided, the task operator will be able to submit 0 selections.
-
If minimum or maximum are provided, the operation will repeat until the task operator makes a valid number of selections.
Example
1 2 3 4 5 6 7 8 9 10 11 |
|
pam.users.
output_table
Display users in a table.
The table will have the following columns:
- Name
- Username
- Email Address
- Authentication Type
- Enabled
- Expires At
Deprecation Warning
This action will soon be deprecated in favour of display.
Minimum Plugin Version: 1.0.0
Input
-
text: the title of the table
-
users: any number of Users
Output
Nothing is outputted by this action.
Example
1 2 3 4 5 6 7 8 |
|
pam.users.
search
Search for users in the PAM appliance.
Minimum Plugin Version: 2.0.0
Input
pam_address: the IP or DNS address of the PAM Appliance
queries: a list of Queries to use in the search
Output
A SearchResult containing:
Search Result Format
The search result format was updated in version 2.0.0 of this plugin.
It is not compatible with playbooks written again previous versions.
See here for more information.
Example
Find all disabled users:
1 2 3 4 5 6 7 |
|
Wildcard Queries
You can use the % character as a wildcard in the value
of each query.
pam.users.
select
Display users in a table & prompt the task operator to make a selection.
The table will have the following columns:
- Name
- Username
- Email Address
- Authentication Type
- Enabled
- Expires At
Minimum Plugin Version: 2.0.0
Input
-
text: The title of the table
-
users: any number of Users
-
minimum: The minimum number of acceptable selections
-
maximum: The maximum number of acceptable selections
Output
A Selection containing:
Example
1 2 3 4 5 6 7 8 9 |
|
pam.users.
select_one
Display users in a table & prompt the task operator to select one.
The table will have the following columns:
- Name
- Username
- Email Address
- Authentication Type
- Enabled
- Expires At
Minimum Plugin Version: 2.0.0
Input
-
text: The title of the table
-
users: any number of Users
Output
A single User.
Example
1 2 3 4 5 6 7 8 9 |
|