Forum Discussion

seamlessfirework's avatar
Apr 04, 2023

BIG-IP & Ansible configuration of "External Users"

Hey gus

I was wondering if I can configure the "External Users" through an Ansible playbook. In the official Ansible documentation I did not find a solution for that.

In my case any user is authenticated against a Cisco TACACS+ appliance. If I leave the knob to "No Access" I cannot connect through SSH to the BIG-IP

  • Yes you can, since there is no ansible module for it you can use the two follow options. 

    1.  You can use the F5 DO module and deploy the base configuration using f5 declarative objects. https://clouddocs.f5.com/products/extensions/f5-declarative-onboarding/latest/declarations/auth.html

    Then use ansbile to send an f5 DO to the device. (Remember you don't need the entire Config, you can split the files up and just have a tacacs+ Config). 

     

    2. Using ansbile you can just send tmsh command. Just add the commands that you would do in the cli using bigip_command 

        - name: command
          bigip_command:
            commands:
              - list sys crypto