editIdentityPolicy
The editIdentityPolicy operation handles configuration related to IdentityPolicy model.
Data Parameters
| Parameter | Required | Type | Description | ||
|---|---|---|---|---|---|
| version | False | string | A unique string version assigned by the system when the object is created or modified. No assumption can be made on the format or content of this identifier. The identifier must be provided whenever attempting to modify/delete an existing object. As the version will change every time the object is modified, the value provided in this identifier must match exactly what is present in the system or the request will be rejected. | ||
| name | False | string | A UTF string containing the name for the identity policy. The string can be up to 48 characters. Field level constraints: cannot be null, length must be between 0 and 48 (inclusive), cannot have HTML, must match pattern (^[a-zA-Z0-9]$)|(^[a-zA-Z0-9][ a-zA-Z0-9.+-]*[a-zA-Z0-9.+-]$). (Note: Additional constraints might exist) |
||
| identityRules | False | [object] | A list of identity rules which determine whether user identity information should be collected for matching traffic. Allowed types are: [IdentityRule] |
||
| identityRuleIds | False | [integer] | Ids of the identity rules which are part of this identity policy. | ||
| activeAuthPort | False | integer | The captive portal port. The default is 885 (TCP). If configured to a different value, it must be in the range 1025-65535 Field level constraints: cannot be null. (Note: Additional constraints might exist) |
||
| defaultIdentityRule | False | object | A default identity rule created by the system with No Auth authentication action. This will disable identity-based rule to be applied to any traffic if no other identity rule exists. | ||
| id | False | string | A unique string identifier assigned by the system when the object is created. No assumption can be made on the format or content of this identifier. The identifier must be provided whenever attempting to modify/delete (or reference) an existing object. Field level constraints: must match pattern ^((?!;).)*$, cannot have HTML. (Note: Additional constraints might exist) |
||
| activeAuthCertificate | False | object | A mandatory internal certificate forwarded to the user browser during active authentication. Allowed types are: [ExternalCertificate, ExternalCACertificate, InternalCACertificate, InternalCertificate] |
||
| type | False | string | A UTF8 string, all letters lower-case, that represents the class-type. This corresponds to the class name. | ||
Path Parameters
| Parameter | Required | Type | Description | ||
|---|---|---|---|---|---|
| objId | True | string | |||
Example
- name: Execute 'editIdentityPolicy' operation
ftd_configuration:
operation: "editIdentityPolicy"
data:
version: "{{ version }}"
name: "{{ name }}"
identityRules: "{{ identity_rules }}"
identityRuleIds: "{{ identity_rule_ids }}"
activeAuthPort: "{{ active_auth_port }}"
defaultIdentityRule: "{{ default_identity_rule }}"
id: "{{ id }}"
activeAuthCertificate: "{{ active_auth_certificate }}"
type: "{{ type }}"
path_params:
objId: "{{ obj_id }}"