Nicolas Leiva

Author Archives: Nicolas Leiva

Mapping SAML attributes to Red Hat Ansible Automation Platform organizations and teams

Two-Factor Authentication (2FA) is an additional layer of security that can be used to help protect enterprise applications from unauthorized access. While OAuth, and even some LDAP configurations, are viable options to enable 2FA in Ansible Automation Platform, users prefer to leverage Security Assertion Markup Language (SAML) for this purpose, as described in "Using two-factor SAML with Red Hat Ansible Tower". On the other hand, 2FA to managed machines is discouraged.


SAML is an open standard that allows Identity Providers (IdP) to exchange authorization credentials with a Service Provider (SP). The IdP supplies an XML document, known as an assertion, to the SP to deliver a series of attributes that identify the user logging in.

These attributes can be used in Ansible Automation Platform to determine the team and organization of a user. Let’s explore an example, with Microsoft Azure’s Active Directory as the IdP (and, of course, Ansible Automation Platform as the SP).

 

Attribute mapping

The goal of this example is to map users from four different groups (Alpha, Beta, Gamma and Delta) to either the Cloud or Network Organization in Ansible Tower, and make them part of a specific team (Engineering or Operations).

Network MOP’s as automated workflows

What does successful network automation look like? What are the metrics that can measure the effectiveness of this practice and its business value?

Some will say we should look at time and cost savings, but we should not forget about driving consistency and a simpler operation to reduce risk. In this context, what are the use-cases that will get us there?


While there are generic use-cases, the real value of automation is truly uncovered when you are able to translate your existing processes into automated workflows that need no human intervention in order to be executed.

If your current processes are too complex, you can start by breaking them down into smaller chunks of work that will become the building blocks of your workflows. The simpler these units of work are, the more reliable and reusable they become. This blog post will walk through several use-cases for network automation, and show examples of data validation and functional testing to automate Methods of Procedure (MOP). We can then combine these building blocks into an overall workflow, gradually increasing our time savings and the benefits of our automation as we add more building blocks.

Do something