ansible  2.9.27
About: Ansible (2.x) is an IT Configuration Management, Deployment & Orchestration tool.
  Fossies Dox: ansible-2.9.27.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

aci_interface_policy_port_security.py
1#!/usr/bin/python
2# -*- coding: utf-8 -*-
3
4# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
5
6from __future__ import absolute_import, division, print_function
# Make classes defined in this file new-style when run under Python 2.
__metaclass__ = type

# Module metadata as declared by the author: 'preview' status and a
# 'certified' support tier.
ANSIBLE_METADATA = {'metadata_version': '1.1',
                    'status': ['preview'],
                    'supported_by': 'certified'}
12
13DOCUMENTATION = r'''
14---
15module: aci_interface_policy_port_security
16short_description: Manage port security (l2:PortSecurityPol)
17description:
18- Manage port security on Cisco ACI fabrics.
19version_added: '2.4'
20options:
21 port_security:
22 description:
23 - The name of the port security.
24 type: str
25 required: yes
26 aliases: [ name ]
27 description:
28 description:
29 - The description for the port security policy.
30 type: str
31 aliases: [ descr ]
32 max_end_points:
33 description:
34 - Maximum number of end points.
35 - Accepted values range between C(0) and C(12000).
36 - The APIC defaults to C(0) when unset during creation.
37 type: int
38 port_security_timeout:
39 version_added: '2.9'
40 description:
41 - The delay time in seconds before MAC learning is re-enabled
42 - Accepted values range between C(60) and C(3600)
43 - The APIC defaults to C(60) when unset during creation
44 type: int
45 state:
46 description:
47 - Use C(present) or C(absent) for adding or removing.
48 - Use C(query) for listing an object or multiple objects.
49 type: str
50 choices: [ absent, present, query ]
51 default: present
52extends_documentation_fragment: aci
53seealso:
54- name: APIC Management Information Model reference
55 description: More information about the internal APIC class B(l2:PortSecurityPol).
56 link: https://developer.cisco.com/docs/apic-mim-ref/
57author:
58- Dag Wieers (@dagwieers)
59'''
60
61# FIXME: Add more, better examples
62EXAMPLES = r'''
63- aci_interface_policy_port_security:
64 host: '{{ inventory_hostname }}'
65 username: '{{ username }}'
66 password: '{{ password }}'
67 port_security: '{{ port_security }}'
68 description: '{{ descr }}'
69 max_end_points: '{{ max_end_points }}'
70 port_security_timeout: '{{ port_security_timeout }}'
71 delegate_to: localhost
72'''
73
74RETURN = r'''
75current:
76 description: The existing configuration from the APIC after the module has finished
77 returned: success
78 type: list
79 sample:
80 [
81 {
82 "fvTenant": {
83 "attributes": {
84 "descr": "Production environment",
85 "dn": "uni/tn-production",
86 "name": "production",
87 "nameAlias": "",
88 "ownerKey": "",
89 "ownerTag": ""
90 }
91 }
92 }
93 ]
94error:
95 description: The error information as returned from the APIC
96 returned: failure
97 type: dict
98 sample:
99 {
100 "code": "122",
101 "text": "unknown managed object class foo"
102 }
103raw:
104 description: The raw output returned by the APIC REST API (xml or json)
105 returned: parse error
106 type: str
107 sample: '<?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="122" text="unknown managed object class foo"/></imdata>'
108sent:
109 description: The actual/minimal configuration pushed to the APIC
110 returned: info
111 type: list
112 sample:
113 {
114 "fvTenant": {
115 "attributes": {
116 "descr": "Production environment"
117 }
118 }
119 }
120previous:
121 description: The original configuration from the APIC before the module has started
122 returned: info
123 type: list
124 sample:
125 [
126 {
127 "fvTenant": {
128 "attributes": {
129 "descr": "Production",
130 "dn": "uni/tn-production",
131 "name": "production",
132 "nameAlias": "",
133 "ownerKey": "",
134 "ownerTag": ""
135 }
136 }
137 }
138 ]
139proposed:
140 description: The assembled configuration from the user-provided parameters
141 returned: info
142 type: dict
143 sample:
144 {
145 "fvTenant": {
146 "attributes": {
147 "descr": "Production environment",
148 "name": "production"
149 }
150 }
151 }
152filter_string:
153 description: The filter string used for the request
154 returned: failure or debug
155 type: str
156 sample: ?rsp-prop-include=config-only
157method:
158 description: The HTTP method used for the request to the APIC
159 returned: failure or debug
160 type: str
161 sample: POST
162response:
163 description: The HTTP response from the APIC
164 returned: failure or debug
165 type: str
166 sample: OK (30 bytes)
167status:
168 description: The HTTP status from the APIC
169 returned: failure or debug
170 type: int
171 sample: 200
172url:
173 description: The HTTP url used for the request to the APIC
174 returned: failure or debug
175 type: str
176 sample: https://10.11.12.13/api/mo/uni/tn-production.json
177'''
178
179from ansible.module_utils.basic import AnsibleModule
180from ansible.module_utils.network.aci.aci import ACIModule, aci_argument_spec
181
182
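def main():
    """Create, remove or query an ACI port security policy (l2PortSecurityPol).

    The argument spec extends the shared ACI spec with the policy name,
    description, endpoint limit, timeout and desired state. The two numeric
    options are range-checked locally before any request is built. The
    existing object is always read first; ``state=present`` then posts the
    computed diff, ``state=absent`` deletes the object, and ``state=query``
    only reports what was read.
    """
    argument_spec = aci_argument_spec()
    argument_spec.update(
        port_security=dict(type='str', aliases=['name']),  # Not required for querying all objects
        description=dict(type='str', aliases=['descr']),
        max_end_points=dict(type='int'),
        port_security_timeout=dict(type='int'),
        state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
    )

    module = AnsibleModule(
        argument_spec=argument_spec,
        supports_check_mode=True,
        # A policy name is mandatory for changes; only a query may omit it.
        required_if=[
            ['state', 'absent', ['port_security']],
            ['state', 'present', ['port_security']],
        ],
    )

    port_security = module.params['port_security']
    description = module.params['description']
    max_end_points = module.params['max_end_points']
    port_security_timeout = module.params['port_security_timeout']
    state = module.params['state']

    # Reject out-of-range values here so the task fails with a clear message
    # instead of relying on the controller to refuse them.
    if max_end_points is not None and not 0 <= max_end_points <= 12000:
        module.fail_json(msg='The "max_end_points" must be between 0 and 12000')
    if port_security_timeout is not None and not 60 <= port_security_timeout <= 3600:
        module.fail_json(msg='The "port_security_timeout" must be between 60 and 3600')

    aci = ACIModule(module)
    aci.construct_url(
        root_class=dict(
            aci_class='l2PortSecurityPol',
            aci_rn='infra/portsecurityP-{0}'.format(port_security),
            module_object=port_security,
            target_filter={'name': port_security},
        ),
    )

    aci.get_existing()

    if state == 'present':
        aci.payload(
            aci_class='l2PortSecurityPol',
            class_config=dict(
                name=port_security,
                descr=description,
                maximum=max_end_points,
                # Previously the timeout was accepted and validated but never
                # sent, so a playbook that set it left the policy on the
                # controller's own value. 'timeout' is the l2PortSecurityPol
                # attribute for the MAC-learning re-enable delay; it is passed
                # the same way as the other optional attributes.
                timeout=port_security_timeout,
            ),
        )

        aci.get_diff(aci_class='l2PortSecurityPol')

        aci.post_config()

    elif state == 'absent':
        aci.delete_config()

    aci.exit_json()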
242
243
# Run the module only when this file is executed as a script, not on import.
if __name__ == "__main__":
    main()