diff options
Diffstat (limited to 'ansible_collections/cisco/ise/plugins/modules')
384 files changed, 51142 insertions, 0 deletions
diff --git a/ansible_collections/cisco/ise/plugins/modules/__init__.py b/ansible_collections/cisco/ise/plugins/modules/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/__init__.py diff --git a/ansible_collections/cisco/ise/plugins/modules/aci_bindings_info.py b/ansible_collections/cisco/ise/plugins/modules/aci_bindings_info.py new file mode 100644 index 00000000..d08c9ebf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/aci_bindings_info.py @@ -0,0 +1,112 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: aci_bindings_info +short_description: Information module for ACI Bindings +description: +- Get all ACI Bindings. +- This API allows clients to retrieve all the bindings that were sent to Cisco. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filterBy: + description: + - FilterBy query parameter. + elements: str + type: list + filterValue: + description: + - FilterValue query parameter. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + aci_bindings.AciBindings.get_aci_bindings_generator, + + - Paths used are + get /ers/config/acibindings/getall, + +""" + +EXAMPLES = r""" +- name: Get all ACI Bindings + cisco.ise.aci_bindings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sort: asc + sortBy: string + filterBy: [] + filterValue: [] + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "ip": "string", + "sgtValue": "string", + "vn": "string", + "psn": "string", + "learnedFrom": "string", + "learnedBy": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "ip": "string", + "sgtValue": "string", + "vn": "string", + "psn": "string", + "learnedFrom": "string", + "learnedBy": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/aci_settings.py b/ansible_collections/cisco/ise/plugins/modules/aci_settings.py new file mode 100644 index 00000000..3c6e5f13 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/aci_settings.py @@ -0,0 +1,190 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: aci_settings +short_description: Resource module for ACI Settings +description: +- Manage operation update of the resource ACI Settings. +- This API allows the client to update ACI settings. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + aci50: + description: Enable 5.0 ACI Version. + type: bool + aci51: + description: Enable 5.1 ACI Version. + type: bool + aciipaddress: + description: ACI Domain manager Ip Address. + type: str + acipassword: + description: ACI Domain manager Password. + type: str + aciuserName: + description: ACI Domain manager Username. + type: str + adminName: + description: ACI Cluster Admin name. + type: str + adminPassword: + description: ACI Cluster Admin password. + type: str + allSXPDomain: + description: AllSXPDomain flag. + type: bool + defaultSGtName: + description: ACI Settings's defaultSGtName. + type: str + enableACI: + description: Enable ACI Integration. + type: bool + enableDataPlane: + description: EnableDataPlane flag. + type: bool + enableElementsLimit: + description: EnableElementsLimit flag. + type: bool + id: + description: Resource UUID value. + type: str + ipAddressHostName: + description: ACI Cluster IP Address / Host name. + type: str + l3RouteNetwork: + description: ACI Settings's l3RouteNetwork. + type: str + maxNumIepgFromACI: + description: ACI Settings's maxNumIepgFromACI. + type: int + maxNumSGtToACI: + description: ACI Settings's maxNumSGtToACI. + type: int + specificSXPDomain: + description: SpecificSXPDomain flag. + type: bool + specifixSXPDomainList: + description: ACI Settings's specifixSXPDomainList. + elements: str + type: list + suffixToEpg: + description: ACI Settings's suffixToEpg. + type: str + suffixToSGt: + description: ACI Settings's suffixToSGt. + type: str + tenantName: + description: ACI Settings's tenantName. + type: str + untaggedPacketIepgName: + description: ACI Settings's untaggedPacketIepgName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + aci_settings.AciSettings.update_aci_settings_by_id, + + - Paths used are + put /ers/config/acisettings/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.aci_settings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + aci50: true + aci51: true + aciipaddress: string + acipassword: string + aciuserName: string + adminName: string + adminPassword: string + allSxpDomain: true + defaultSgtName: string + enableAci: true + enableDataPlane: true + enableElementsLimit: true + id: string + ipAddressHostName: string + l3RouteNetwork: string + maxNumIepgFromAci: 0 + maxNumSgtToAci: 0 + specificSxpDomain: true + specifixSxpDomainList: + - string + suffixToEpg: string + suffixToSgt: string + tenantName: string + untaggedPacketIepgName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "enableAci": true, + "ipAddressHostName": "string", + "adminName": "string", + "adminPassword": "string", + "aciipaddress": "string", + "aciuserName": "string", + "acipassword": "string", + "tenantName": "string", + "l3RouteNetwork": "string", + "suffixToEpg": "string", + "suffixToSgt": "string", + "allSxpDomain": true, + "specificSxpDomain": true, + "specifixSxpDomainList": [ + "string" + ], + "enableDataPlane": true, + "untaggedPacketIepgName": "string", + "defaultSgtName": "string", + "enableElementsLimit": true, + "maxNumIepgFromAci": 0, + "maxNumSgtToAci": 0, + "aci50": true, + "aci51": true + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/aci_settings_info.py b/ansible_collections/cisco/ise/plugins/modules/aci_settings_info.py new file mode 100644 index 00000000..5884b472 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/aci_settings_info.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: aci_settings_info +short_description: Information module for ACI Settings +description: +- Get all ACI Settings. +- This API allows the client to get ACI Settings. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + aci_settings.AciSettings.get_aci_settings, + + - Paths used are + get /ers/config/acisettings, + +""" + +EXAMPLES = r""" +- name: Get all ACI Settings + cisco.ise.aci_settings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "enableAci": true, + "ipAddressHostName": "string", + "adminName": "string", + "adminPassword": "string", + "aciipaddress": "string", + "aciuserName": "string", + "acipassword": "string", + "tenantName": "string", + "l3RouteNetwork": "string", + "suffixToEpg": "string", + "suffixToSgt": "string", + "allSxpDomain": true, + "specificSxpDomain": true, + "specifixSxpDomainList": [ + "string" + ], + "enableDataPlane": true, + "untaggedPacketIepgName": "string", + "defaultSgtName": "string", + "enableElementsLimit": true, + "maxNumIepgFromAci": 0, + "maxNumSgtToAci": 0, + "aci50": true, + "aci51": true + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/aci_test_connectivity.py b/ansible_collections/cisco/ise/plugins/modules/aci_test_connectivity.py new file mode 100644 index 00000000..5608cde0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/aci_test_connectivity.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: aci_test_connectivity +short_description: Resource module for ACI Test Connectivity +description: +- Manage operation update of the resource ACI Test Connectivity. +- This API allows the client to test ACI Domain Manager connection. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + aci_settings.AciSettings.test_aci_connectivity, + + - Paths used are + put /ers/config/acisettings/testACIConnectivity, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.aci_test_connectivity: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "ACITestConnectionResult": { + "result": true + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory.py b/ansible_collections/cisco/ise/plugins/modules/active_directory.py new file mode 100644 index 00000000..5fa9d41b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory.py @@ -0,0 +1,347 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory +short_description: Resource module for Active Directory +description: +- Manage operations create and delete of the resource Active Directory. +- This API creates an AD join point in Cisco ISE. +- This API deletes an AD join point from Cisco ISE. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + adAttributes: + description: Holds list of AD Attributes. + suboptions: + attributes: + description: List of Attributes. + elements: dict + suboptions: + defaultValue: + description: Required for each attribute in the attribute list. Can contain + an empty string. All characters are allowed except <%". + type: str + internalName: + description: Required for each attribute in the attribute list. All characters + are allowed except <%". + type: str + name: + description: Required for each attribute in the attribute list with no duplication + between attributes. All characters are allowed except <%". + type: str + type: + description: Required for each group in the group list. Allowed values STRING, + IP, BOOLEAN, INT, OCTET_STRING. + type: str + type: list + type: dict + adScopesNames: + description: String that contains the names of the scopes that the active directory + belongs to. Names are separated by comma. Alphanumeric, underscore (_) characters + are allowed. + type: str + adgroups: + description: Holds list of AD Groups. + suboptions: + groups: + description: List of Groups. + elements: dict + suboptions: + name: + description: Required for each group in the group list with no duplication + between groups. All characters are allowed except %. + type: str + sid: + description: Cisco ISE uses security identifiers (SIDs) for optimization + of group membership evaluation. SIDs are useful for efficiency (speed) + when the groups are evaluated. All characters are allowed except %. + type: str + type: + description: No character restriction. + type: str + type: list + type: dict + advancedSettings: + description: Active Directory's advancedSettings. + suboptions: + agingTime: + description: Range 1-8760 hours. + type: int + authProtectionType: + description: Enable prevent AD account lockout. Allowed values - WIRELESS, - + WIRED, - BOTH. + type: str + country: + description: User info attribute. All characters are allowed except %. + type: str + department: + description: User info attribute. All characters are allowed except %. + type: str + email: + description: User info attribute. All characters are allowed except %. + type: str + enableCallbackForDialinClient: + description: EnableCallbackForDialinClient flag. + type: bool + enableDialinPermissionCheck: + description: EnableDialinPermissionCheck flag. + type: bool + enableFailedAuthProtection: + description: Enable prevent AD account lockout due to too many bad password + attempts. + type: bool + enableMachineAccess: + description: EnableMachineAccess flag. + type: bool + enableMachineAuth: + description: EnableMachineAuth flag. + type: bool + enablePassChange: + description: EnablePassChange flag. + type: bool + enableRewrites: + description: EnableRewrites flag. + type: bool + failedAuthThreshold: + description: Number of bad password attempts. + type: int + firstName: + description: User info attribute. All characters are allowed except %. + type: str + identityNotInAdBehaviour: + description: Allowed values REJECT, SEARCH_JOINED_FOREST, SEARCH_ALL. + type: str + jobTitle: + description: User info attribute. All characters are allowed except %. + type: str + lastName: + description: User info attribute. All characters are allowed except %. + type: str + locality: + description: User info attribute. All characters are allowed except %. + type: str + organizationalUnit: + description: User info attribute. All characters are allowed except %. + type: str + plaintextAuth: + description: PlaintextAuth flag. + type: bool + rewriteRules: + description: Identity rewrite is an advanced feature that directs Cisco ISE + to manipulate the identity before it is passed to the external Active Directory + system. You can create rules to change the identity to a desired format that + includes or excludes a domain prefix and/or suffix or other additional markup + of your choice. + elements: dict + suboptions: + rewriteMatch: + description: Required for each rule in the list with no duplication between + rules. All characters are allowed except %". + type: str + rewriteResult: + description: Required for each rule in the list. All characters are allowed + except %". + type: str + rowId: + description: Required for each rule in the list in serial order. + type: int + type: list + schema: + description: Allowed values ACTIVE_DIRECTORY, CUSTOM. Choose ACTIVE_DIRECTORY + schema when the AD attributes defined in AD can be copied to relevant attributes + in Cisco ISE. If customization is needed, choose CUSTOM schema. All User info + attributes are always set to default value if schema is ACTIVE_DIRECTORY. + Values can be changed only for CUSTOM schema. + type: str + stateOrProvince: + description: User info attribute. All characters are allowed except %. + type: str + streetAddress: + description: User info attribute. All characters are allowed except %. + type: str + telephone: + description: User info attribute. All characters are allowed except %. + type: str + unreachableDomainsBehaviour: + description: Allowed values PROCEED, DROP. + type: str + type: dict + description: + description: No character restriction. + type: str + domain: + description: The AD domain. Alphanumeric, hyphen (-) and dot (.) characters are + allowed. + type: str + enableDomainWhiteList: + description: EnableDomainWhiteList flag. + type: bool + id: + description: Id path parameter. + type: str + name: + description: Resource Name. Maximum 32 characters allowed. Allowed characters are + alphanumeric and .-_/\\ characters. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.create_active_directory, + active_directory.ActiveDirectory.delete_active_directory_by_id, + + - Paths used are + post /ers/config/activedirectory, + delete /ers/config/activedirectory/{id}, + +""" + +EXAMPLES = r""" +- name: Delete by id + cisco.ise.active_directory: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.active_directory: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + adAttributes: + attributes: + - defaultValue: string + internalName: string + name: string + type: string + adScopesNames: string + adgroups: + groups: + - name: string + sid: string + type: string + advancedSettings: + agingTime: 0 + authProtectionType: string + country: string + department: string + email: string + enableCallbackForDialinClient: true + enableDialinPermissionCheck: true + enableFailedAuthProtection: true + enableMachineAccess: true + enableMachineAuth: true + enablePassChange: true + enableRewrites: true + failedAuthThreshold: 0 + firstName: string + identityNotInAdBehaviour: string + jobTitle: string + lastName: string + locality: string + organizationalUnit: string + plaintextAuth: true + rewriteRules: + - rewriteMatch: string + rewriteResult: string + rowId: 0 + schema: string + stateOrProvince: string + streetAddress: string + telephone: string + unreachableDomainsBehaviour: string + description: string + domain: string + enableDomainWhiteList: true + id: string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "domain": "string", + "enableDomainWhiteList": true, + "enableDomainAllowedList": true, + "adgroups": { + "groups": [ + { + "name": "string", + "sid": "string", + "type": "string" + } + ] + }, + "advancedSettings": { + "enablePassChange": true, + "enableMachineAuth": true, + "enableMachineAccess": true, + "agingTime": 0, + "enableDialinPermissionCheck": true, + "enableCallbackForDialinClient": true, + "plaintextAuth": true, + "enableFailedAuthProtection": true, + "authProtectionType": "string", + "failedAuthThreshold": 0, + "identityNotInAdBehaviour": "string", + "unreachableDomainsBehaviour": "string", + "enableRewrites": true, + "rewriteRules": [ + { + "rowId": 0, + "rewriteMatch": "string", + "rewriteResult": "string" + } + ], + "firstName": "string", + "department": "string", + "lastName": "string", + "organizationalUnit": "string", + "jobTitle": "string", + "locality": "string", + "email": "string", + "stateOrProvince": "string", + "telephone": "string", + "country": "string", + "streetAddress": "string", + "schema": "string" + }, + "adAttributes": { + "attributes": [ + { + "name": "string", + "type": "string", + "internalName": "string", + "defaultValue": "string" + } + ] + }, + "adScopesNames": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_add_groups.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_add_groups.py new file mode 100644 index 00000000..298a05eb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_add_groups.py @@ -0,0 +1,268 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_add_groups +short_description: Resource module for Active Directory Add Groups +description: +- Manage operation update of the resource Active Directory Add Groups. +- This API loads domain groups configuration from Active Directory into Cisco. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + adAttributes: + description: Holds list of AD Attributes. + suboptions: + attributes: + description: List of Attributes. + elements: dict + suboptions: + defaultValue: + description: Required for each attribute in the attribute list. Can contain + an empty string. All characters are allowed except <%". + type: str + internalName: + description: Required for each attribute in the attribute list. All characters + are allowed except <%". + type: str + name: + description: Required for each attribute in the attribute list with no duplication + between attributes. All characters are allowed except <%". + type: str + type: + description: Required for each group in the group list. Allowed values STRING, + IP, BOOLEAN, INT, OCTET_STRING. + type: str + type: list + type: dict + adScopesNames: + description: String that contains the names of the scopes that the active directory + belongs to. Names are separated by comma. Alphanumeric, underscore (_) characters + are allowed. + type: str + adgroups: + description: Holds list of AD Groups. + suboptions: + groups: + description: List of Groups. + elements: dict + suboptions: + name: + description: Required for each group in the group list with no duplication + between groups. All characters are allowed except %. + type: str + sid: + description: Cisco ISE uses security identifiers (SIDs) for optimization + of group membership evaluation. SIDs are useful for efficiency (speed) + when the groups are evaluated. All characters are allowed except %. + type: str + type: + description: No character restriction. + type: str + type: list + type: dict + advancedSettings: + description: Active Directory Add Groups's advancedSettings. + suboptions: + agingTime: + description: Range 1-8760 hours. + type: int + authProtectionType: + description: Enable prevent AD account lockout. Allowed values - WIRELESS, - + WIRED, - BOTH. + type: str + country: + description: User info attribute. All characters are allowed except %. + type: str + department: + description: User info attribute. All characters are allowed except %. + type: str + email: + description: User info attribute. All characters are allowed except %. + type: str + enableCallbackForDialinClient: + description: EnableCallbackForDialinClient flag. + type: bool + enableDialinPermissionCheck: + description: EnableDialinPermissionCheck flag. + type: bool + enableFailedAuthProtection: + description: Enable prevent AD account lockout due to too many bad password + attempts. + type: bool + enableMachineAccess: + description: EnableMachineAccess flag. + type: bool + enableMachineAuth: + description: EnableMachineAuth flag. + type: bool + enablePassChange: + description: EnablePassChange flag. + type: bool + enableRewrites: + description: EnableRewrites flag. + type: bool + failedAuthThreshold: + description: Number of bad password attempts. + type: int + firstName: + description: User info attribute. All characters are allowed except %. + type: str + identityNotInAdBehaviour: + description: Allowed values REJECT, SEARCH_JOINED_FOREST, SEARCH_ALL. + type: str + jobTitle: + description: User info attribute. All characters are allowed except %. + type: str + lastName: + description: User info attribute. All characters are allowed except %. + type: str + locality: + description: User info attribute. All characters are allowed except %. + type: str + organizationalUnit: + description: User info attribute. All characters are allowed except %. + type: str + plaintextAuth: + description: PlaintextAuth flag. + type: bool + rewriteRules: + description: Identity rewrite is an advanced feature that directs Cisco ISE + to manipulate the identity before it is passed to the external Active Directory + system. You can create rules to change the identity to a desired format that + includes or excludes a domain prefix and/or suffix or other additional markup + of your choice. + elements: dict + suboptions: + rewriteMatch: + description: Required for each rule in the list with no duplication between + rules. All characters are allowed except %". + type: str + rewriteResult: + description: Required for each rule in the list. All characters are allowed + except %". + type: str + rowId: + description: Required for each rule in the list in serial order. + type: int + type: list + schema: + description: Allowed values ACTIVE_DIRECTORY, CUSTOM. Choose ACTIVE_DIRECTORY + schema when the AD attributes defined in AD can be copied to relevant attributes + in Cisco ISE. If customization is needed, choose CUSTOM schema. All User info + attributes are always set to default value if schema is ACTIVE_DIRECTORY. + Values can be changed only for CUSTOM schema. + type: str + stateOrProvince: + description: User info attribute. All characters are allowed except %. + type: str + streetAddress: + description: User info attribute. All characters are allowed except %. + type: str + telephone: + description: User info attribute. All characters are allowed except %. + type: str + unreachableDomainsBehaviour: + description: Allowed values PROCEED, DROP. + type: str + type: dict + description: + description: No character restriction. + type: str + domain: + description: The AD domain. Alphanumeric, hyphen (-) and dot (.) characters are + allowed. + type: str + enableDomainWhiteList: + description: EnableDomainWhiteList flag. + type: bool + id: + description: Resource UUID value. + type: str + name: + description: Resource Name. Maximum 32 characters allowed. Allowed characters are + alphanumeric and .-_/\\ characters. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.load_groups_from_domain, + + - Paths used are + put /ers/config/activedirectory/{id}/addGroups, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.active_directory_add_groups: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + adAttributes: + attributes: + - defaultValue: string + internalName: string + name: string + type: string + adScopesNames: string + adgroups: + groups: + - name: string + sid: string + type: string + advancedSettings: + agingTime: 0 + authProtectionType: string + country: string + department: string + email: string + enableCallbackForDialinClient: true + enableDialinPermissionCheck: true + enableFailedAuthProtection: true + enableMachineAccess: true + enableMachineAuth: true + enablePassChange: true + enableRewrites: true + failedAuthThreshold: 0 + firstName: string + identityNotInAdBehaviour: string + jobTitle: string + lastName: string + locality: string + organizationalUnit: string + plaintextAuth: true + rewriteRules: + - rewriteMatch: string + rewriteResult: string + rowId: 0 + schema: string + stateOrProvince: string + streetAddress: string + telephone: string + unreachableDomainsBehaviour: string + description: string + domain: string + enableDomainWhiteList: true + id: string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_groups_by_domain_info.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_groups_by_domain_info.py new file mode 100644 index 00000000..46dd9467 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_groups_by_domain_info.py @@ -0,0 +1,83 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_groups_by_domain_info +short_description: Information module for Active Directory Groups By Domain +description: +- Get all Active Directory Groups By Domain. +- This API lists the groups of the given domain. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + additionalData: + description: Active Directory Get Groups By Domain Info's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Get Groups By Domain Info's name. + type: str + value: + description: Active Directory Get Groups By Domain Info's value. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.get_groups_by_domain, + + - Paths used are + put /ers/config/activedirectory/{id}/getGroupsByDomain, + +""" + +EXAMPLES = r""" +- name: Get all Active Directory Groups By Domain + cisco.ise.active_directory_groups_by_domain_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + additionalData: + - name: domain + value: Required. The domain whose groups we want to fetch + - name: filter + value: Optional. Exact match filter on group's CN + - name: sidFilter + value: Optional. Exact match filter on group's SID, optionally specifying the domain + as prefix. e.g. S-1-5-33-544 and R1.dom/S-1-5-33-544 are legal + - name: typeFilter + value: Optional. Can be exactly one of:BUILTIN, DOMAIN LOCAL, GLOBAL, UNIVERSAL + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "groups": [ + { + "groupName": "string", + "sid": "string", + "type": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_info.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_info.py new file mode 100644 index 00000000..5291dfc1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_info.py @@ -0,0 +1,236 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_info +short_description: Information module for Active Directory +description: +- Get all Active Directory. +- Get Active Directory by id. +- Get Active Directory by name. +- This API allows the client to get Active Directory by name. +- This API fetchs the join point details by ID. The ID can be retrieved with the. +- This API lists all the join points for Active Directory domains in Cisco ISE. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.get_active_directory_by_id, + active_directory.ActiveDirectory.get_active_directory_by_name, + active_directory.ActiveDirectory.get_active_directory_generator, + + - Paths used are + get /ers/config/activedirectory, + get /ers/config/activedirectory/name/{name}, + get /ers/config/activedirectory/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Active Directory + cisco.ise.active_directory_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Active Directory by id + cisco.ise.active_directory_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Active Directory by name + cisco.ise.active_directory_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "domain": "string", + "enableDomainWhiteList": true, + "enableDomainAllowedList": true, + "adgroups": { + "groups": [ + { + "name": "string", + "sid": "string", + "type": "string" + } + ] + }, + "advancedSettings": { + "enablePassChange": true, + "enableMachineAuth": true, + "enableMachineAccess": true, + "agingTime": 0, + "enableDialinPermissionCheck": true, + "enableCallbackForDialinClient": true, + "plaintextAuth": true, + "enableFailedAuthProtection": true, + "authProtectionType": "string", + "failedAuthThreshold": 0, + "identityNotInAdBehaviour": "string", + "unreachableDomainsBehaviour": "string", + "enableRewrites": true, + "rewriteRules": [ + { + "rowId": 0, + "rewriteMatch": "string", + "rewriteResult": "string" + } + ], + "firstName": "string", + "department": "string", + "lastName": "string", + "organizationalUnit": "string", + "jobTitle": "string", + "locality": "string", + "email": "string", + "stateOrProvince": "string", + "telephone": "string", + "country": "string", + "streetAddress": "string", + "schema": "string" + }, + "adAttributes": { + "attributes": [ + { + "name": "string", + "type": "string", + "internalName": "string", + "defaultValue": "string" + } + ] + }, + "adScopesNames": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "domain": "string", + "enableDomainWhiteList": true, + "enableDomainAllowedList": true, + "adgroups": { + "groups": [ + { + "name": "string", + "sid": "string", + "type": "string" + } + ] + }, + "advancedSettings": { + "enablePassChange": true, + "enableMachineAuth": true, + "enableMachineAccess": true, + "agingTime": 0, + "enableDialinPermissionCheck": true, + "enableCallbackForDialinClient": true, + "plaintextAuth": true, + "enableFailedAuthProtection": true, + "authProtectionType": "string", + "failedAuthThreshold": 0, + "identityNotInAdBehaviour": "string", + "unreachableDomainsBehaviour": "string", + "enableRewrites": true, + "rewriteRules": [ + { + "rowId": 0, + "rewriteMatch": "string", + "rewriteResult": "string" + } + ], + "firstName": "string", + "department": "string", + "lastName": "string", + "organizationalUnit": "string", + "jobTitle": "string", + "locality": "string", + "email": "string", + "stateOrProvince": "string", + "telephone": "string", + "country": "string", + "streetAddress": "string", + "schema": "string" + }, + "adAttributes": { + "attributes": [ + { + "name": "string", + "type": "string", + "internalName": "string", + "defaultValue": "string" + } + ] + }, + "adScopesNames": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_is_user_member_of_group_info.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_is_user_member_of_group_info.py new file mode 100644 index 00000000..2584e6f5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_is_user_member_of_group_info.py @@ -0,0 +1,79 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_is_user_member_of_group_info +short_description: Information module for Active Directory Is User Member Of Group +description: +- Get all Active Directory Is User Member Of Group. +- This API verifies if the user is a member of the given groups. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + additionalData: + description: Active Directory Is User Member Of Group's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Is User Member Of Group's name. + type: str + value: + description: Active Directory Is User Member Of Group's value. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.is_user_member_of_groups, + + - Paths used are + put /ers/config/activedirectory/{id}/isUserMemberOf, + +""" + +EXAMPLES = r""" +- name: Get all Active Directory Is User Member Of Group + cisco.ise.active_directory_is_user_member_of_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + additionalData: + - name: username + value: Required. Perform the check on this user + - name: groupsids + value: Required. Membership is looked for. The result will be a subset of this list + of the groups the user is a member of + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "groups": [ + { + "groupName": "string", + "sid": "string", + "type": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain.py new file mode 100644 index 00000000..b07f435c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain.py @@ -0,0 +1,74 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_join_domain +short_description: Resource module for Active Directory Join Domain +description: +- Manage operation update of the resource Active Directory Join Domain. +- This API joins a Cisco ISE node to an Active Directory domain. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Active Directory Join Domain's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Join Domain's name. + type: str + value: + description: Active Directory Join Domain's value. + type: str + type: list + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.join_domain, + + - Paths used are + put /ers/config/activedirectory/{id}/join, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.active_directory_join_domain: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: username + value: Required. The domain user to use + - name: password + value: Required. The domain user's password + - name: node + value: Required. The name of the ISE node to join the domain. The node names can + be retrieved with the "Node Details/Get All" ERS operation + - name: orgunit + value: Optional. The organizational unit in AD where the machine object for the + joined ISE will be stored. + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain_with_all_nodes.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain_with_all_nodes.py new file mode 100644 index 00000000..bc2e3055 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_join_domain_with_all_nodes.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_join_domain_with_all_nodes +short_description: Resource module for Active Directory Join Domain With All Nodes +description: +- Manage operation update of the resource Active Directory Join Domain With All Nodes. +- This API joins all Cisco ISE Nodes to an Active Directory domain. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Active Directory Join Domain With All Nodes's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Join Domain With All Nodes's name. + type: str + value: + description: Active Directory Join Domain With All Nodes's value. + type: str + type: list + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.join_domain_with_all_nodes, + + - Paths used are + put /ers/config/activedirectory/{id}/joinAllNodes, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.active_directory_join_domain_with_all_nodes: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: username + value: Required. The domain user to use + - name: password + value: Required. The domain user's password + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain.py new file mode 100644 index 00000000..26d84718 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain.py @@ -0,0 +1,74 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_leave_domain +short_description: Resource module for Active Directory Leave Domain +description: +- Manage operation update of the resource Active Directory Leave Domain. +- This API makes a Cisco ISE node to leave an Active Directory domain. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Active Directory Leave Domain's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Leave Domain's name. + type: str + value: + description: Active Directory Leave Domain's value. + type: str + type: list + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.leave_domain, + + - Paths used are + put /ers/config/activedirectory/{id}/leave, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.active_directory_leave_domain: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: username + value: Required. The domain user to use + - name: password + value: Required. The domain user's password + - name: node + value: Required. The name of the ISE node to leave the domain. The node names can + be retrieved with the "Node Details/Get All" ERS operation + - name: orgunit + value: Optional. The organizational unit in AD where the machine object for the + joined ISE will be stored + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain_with_all_nodes.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain_with_all_nodes.py new file mode 100644 index 00000000..78710362 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_leave_domain_with_all_nodes.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_leave_domain_with_all_nodes +short_description: Resource module for Active Directory Leave Domain With All Nodes +description: +- Manage operation update of the resource Active Directory Leave Domain With All Nodes. +- This API joins makes all Cisco ISE nodes leave an Active Directory domain. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Active Directory Leave Domain With All Nodes's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Leave Domain With All Nodes's name. + type: str + value: + description: Active Directory Leave Domain With All Nodes's value. + type: str + type: list + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.leave_domain_with_all_nodes, + + - Paths used are + put /ers/config/activedirectory/{id}/leaveAllNodes, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.active_directory_leave_domain_with_all_nodes: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: username + value: Required. The domain user to use + - name: password + value: Required. The domain user's password + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_trusted_domains_info.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_trusted_domains_info.py new file mode 100644 index 00000000..748478d7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_trusted_domains_info.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_trusted_domains_info +short_description: Information module for Active Directory Trusted Domains +description: +- Get all Active Directory Trusted Domains. +- This API gets the list of domains that are accessible through the given join. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.get_trusted_domains, + + - Paths used are + put /ers/config/activedirectory/{id}/getTrustedDomains, + +""" + +EXAMPLES = r""" +- name: Get all Active Directory Trusted Domains + cisco.ise.active_directory_trusted_domains_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "domains": [ + { + "dnsName": "string", + "forest": "string", + "unusableReason": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/active_directory_user_groups_info.py b/ansible_collections/cisco/ise/plugins/modules/active_directory_user_groups_info.py new file mode 100644 index 00000000..78692e0f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/active_directory_user_groups_info.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: active_directory_user_groups_info +short_description: Information module for Active Directory User Groups +description: +- Get all Active Directory User Groups. +- This API allows the client to get groups of which a given user is a member. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + additionalData: + description: Active Directory Get User Groups Info's additionalData. + elements: dict + suboptions: + name: + description: Active Directory Get User Groups Info's name. + type: str + value: + description: Active Directory Get User Groups Info's value. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + active_directory.ActiveDirectory.get_user_groups, + + - Paths used are + put /ers/config/activedirectory/{id}/getUserGroups, + +""" + +EXAMPLES = r""" +- name: Get all Active Directory User Groups + cisco.ise.active_directory_user_groups_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + additionalData: + - name: username + value: Required. The user to get its groups. + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "groups": [ + { + "groupName": "string", + "sid": "string", + "type": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/admin_user_info.py b/ansible_collections/cisco/ise/plugins/modules/admin_user_info.py new file mode 100644 index 00000000..23c7bc99 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/admin_user_info.py @@ -0,0 +1,159 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: admin_user_info +short_description: Information module for Admin User +description: +- Get all Admin User. +- Get Admin User by id. +- This API allows the client to get all the admin users. +- This API allows the client to get an admin user by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + admin_user.AdminUser.get_admin_user_by_id, + admin_user.AdminUser.get_admin_users_generator, + + - Paths used are + get /ers/config/adminuser, + get /ers/config/adminuser/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Admin User + cisco.ise.admin_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Admin User by id + cisco.ise.admin_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "name": "string", + "id": "string", + "description": "string", + "enabled": true, + "password": "string", + "changePassword": true, + "includeSystemAlarmsInEmail": true, + "externalUser": true, + "inactiveAccountNeverDisabled": true, + "adminGroups": "string", + "customAttributes": {}, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "name": "string", + "id": "string", + "description": "string", + "enabled": true, + "password": "string", + "changePassword": true, + "includeSystemAlarmsInEmail": true, + "externalUser": true, + "inactiveAccountNeverDisabled": true, + "adminGroups": "string", + "customAttributes": {}, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/allowed_protocols.py b/ansible_collections/cisco/ise/plugins/modules/allowed_protocols.py new file mode 100644 index 00000000..6a9d3868 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/allowed_protocols.py @@ -0,0 +1,637 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: allowed_protocols +short_description: Resource module for Allowed Protocols +description: +- Manage operations create, update and delete of the resource Allowed Protocols. +- This API creates an allowed protocol. +- This API deletes an allowed protocol. +- This API allows the client to update an allowed protocol. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowChap: + description: AllowChap flag. + type: bool + allowEapFast: + description: AllowEapFast flag. + type: bool + allowEapMd5: + description: AllowEapMd5 flag. + type: bool + allowEapTls: + description: AllowEapTls flag. + type: bool + allowEapTtls: + description: AllowEapTtls flag. + type: bool + allowLeap: + description: AllowLeap flag. + type: bool + allowMsChapV1: + description: AllowMsChapV1 flag. + type: bool + allowMsChapV2: + description: AllowMsChapV2 flag. + type: bool + allowPapAscii: + description: AllowPapAscii flag. + type: bool + allowPeap: + description: AllowPeap flag. + type: bool + allowPreferredEapProtocol: + description: AllowPreferredEapProtocol flag. + type: bool + allowTeap: + description: AllowTeap flag. + type: bool + allowWeakCiphersForEap: + description: AllowWeakCiphersForEap flag. + type: bool + description: + description: Allowed Protocols's description. + type: str + eapFast: + description: The eapFast is required only if allowEapFast is true, otherwise it + must be ignored. The object eapFast contains the settings for EAP FAST protocol. + suboptions: + allowEapFastEapGtc: + description: AllowEapFastEapGtc flag. + type: bool + allowEapFastEapGtcPwdChange: + description: The allowEapFastEapGtcPwdChange is required only if allowEapFastEapGtc + is true, otherwise it must be ignored. + type: bool + allowEapFastEapGtcPwdChangeRetries: + description: The allowEapFastEapGtcPwdChangeRetries is required only if allowEapFastEapGtc + is true, otherwise it must be ignored. Valid range is 0-3. + type: int + allowEapFastEapMsChapV2: + description: AllowEapFastEapMsChapV2 flag. + type: bool + allowEapFastEapMsChapV2PwdChange: + description: The allowEapFastEapMsChapV2PwdChange is required only if allowEapFastEapMsChapV2 + is true, otherwise it must be ignored. + type: bool + allowEapFastEapMsChapV2PwdChangeRetries: + description: The allowEapFastEapMsChapV2PwdChangeRetries is required only if + eapTtlsEapMsChapV2 is true, otherwise it must be ignored. Valid range is 0-3. + type: int + allowEapFastEapTls: + description: AllowEapFastEapTls flag. + type: bool + allowEapFastEapTlsAuthOfExpiredCerts: + description: The allowEapFastEapTlsAuthOfExpiredCerts is required only if allowEapFastEapTls + is true, otherwise it must be ignored. + type: bool + eapFastDontUsePacsAcceptClientCert: + description: The eapFastDontUsePacsAcceptClientCert is required only if eapFastUsePacs + is FALSE, otherwise it must be ignored. + type: bool + eapFastDontUsePacsAllowMachineAuthentication: + description: The eapFastDontUsePacsAllowMachineAuthentication is required only + if eapFastUsePacs is FALSE, otherwise it must be ignored. + type: bool + eapFastEnableEAPChaining: + description: EapFastEnableEAPChaining flag. + type: bool + eapFastUsePacs: + description: EapFastUsePacs flag. + type: bool + eapFastUsePacsAcceptClientCert: + description: The eapFastUsePacsAcceptClientCert is required only if eapFastUsePacsAllowAuthenProvisioning + is true, otherwise it must be ignored. + type: bool + eapFastUsePacsAllowAnonymProvisioning: + description: The eapFastUsePacsAllowAnonymProvisioning is required only if eapFastUsePacs + is true, otherwise it must be ignored. + type: bool + eapFastUsePacsAllowAuthenProvisioning: + description: The eapFastUsePacsAllowAuthenProvisioning is required only if eapFastUsePacs + is true, otherwise it must be ignored. + type: bool + eapFastUsePacsAllowMachineAuthentication: + description: EapFastUsePacsAllowMachineAuthentication flag. + type: bool + eapFastUsePacsAuthorizationPacTtl: + description: The eapFastUsePacsAuthorizationPacTtl is required only if eapFastUsePacsStatelessSessionResume + is true, otherwise it must be ignored. + type: int + eapFastUsePacsAuthorizationPacTtlUnits: + description: The eapFastUsePacsAuthorizationPacTtlUnits is required only if + eapFastUsePacsStatelessSessionResume is true, otherwise it must be ignored. + Allowed Values - SECONDS, - MINUTES, - HOURS, - DAYS, - WEEKS. + type: str + eapFastUsePacsMachinePacTtl: + description: The eapFastUsePacsMachinePacTtl is required only if eapFastUsePacsAllowMachineAuthentication + is true, otherwise it must be ignored. + type: int + eapFastUsePacsMachinePacTtlUnits: + description: The eapFastUsePacsMachinePacTtlUnits is required only if eapFastUsePacsAllowMachineAuthentication + is true, otherwise it must be ignored. Allowed Values - SECONDS, - MINUTES, + - HOURS, - DAYS, - WEEKS. + type: str + eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning: + description: The eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning + is required only if eapFastUsePacsAllowAuthenProvisioning is true, otherwise + it must be ignored. + type: bool + eapFastUsePacsStatelessSessionResume: + description: The eapFastUsePacsStatelessSessionResume is required only if eapFastUsePacs + is true, otherwise it must be ignored. + type: bool + eapFastUsePacsTunnelPacTtl: + description: The eapFastUsePacsTunnelPacTtl is required only if eapFastUsePacs + is true, otherwise it must be ignored. + type: int + eapFastUsePacsTunnelPacTtlUnits: + description: The eapFastUsePacsTunnelPacTtlUnits is required only if eapFastUsePacs + is true, otherwise it must be ignored. Allowed Values - SECONDS, - MINUTES, + - HOURS, - DAYS, - WEEKS. + type: str + eapFastUsePacsUseProactivePacUpdatePrecentage: + description: The eapFastUsePacsUseProactivePacUpdatePrecentage is required only + if eapFastUsePacs is true, otherwise it must be ignored. + type: int + type: dict + eapTls: + description: The eapTls is required only if allowEapTls is true, otherwise it must + be ignored. The object eapTls contains the settings for EAP TLS protocol. + suboptions: + allowEapTlsAuthOfExpiredCerts: + description: AllowEapTlsAuthOfExpiredCerts flag. + type: bool + eapTlsEnableStatelessSessionResume: + description: EapTlsEnableStatelessSessionResume flag. + type: bool + eapTlsSessionTicketPrecentage: + description: The eapTlsSessionTicketPrecentage is required only if eapTlsEnableStatelessSessionResume + is true, otherwise it must be ignored. + type: int + eapTlsSessionTicketTtl: + description: Time to live. The eapTlsSessionTicketTtl is required only if eapTlsEnableStatelessSessionResume + is true, otherwise it must be ignored. + type: int + eapTlsSessionTicketTtlUnits: + description: Time to live time units. The eapTlsSessionTicketTtlUnits is required + only if eapTlsEnableStatelessSessionResume is true, otherwise it must be ignored. + Allowed Values - SECONDS, - MINUTES, - HOURS, - DAYS, - WEEKS. + type: str + type: dict + eapTlsLBit: + description: EapTlsLBit flag. + type: bool + eapTtls: + description: The eapTtls is required only if allowEapTtls is true, otherwise it + must be ignored. The object eapTtls contains the settings for EAP TTLS protocol. + suboptions: + eapTtlsChap: + description: EapTtlsChap flag. + type: bool + eapTtlsEapMd5: + description: EapTtlsEapMd5 flag. + type: bool + eapTtlsEapMsChapV2: + description: EapTtlsEapMsChapV2 flag. + type: bool + eapTtlsEapMsChapV2PwdChange: + description: The eapTtlsEapMsChapV2PwdChange is required only if eapTtlsEapMsChapV2 + is true, otherwise it must be ignored. + type: bool + eapTtlsEapMsChapV2PwdChangeRetries: + description: The eapTtlsEapMsChapV2PwdChangeRetries is required only if eapTtlsEapMsChapV2 + is true, otherwise it must be ignored. Valid range is 0-3. + type: int + eapTtlsMsChapV1: + description: EapTtlsMsChapV1 flag. + type: bool + eapTtlsMsChapV2: + description: EapTtlsMsChapV2 flag. + type: bool + eapTtlsPapAscii: + description: EapTtlsPapAscii flag. + type: bool + type: dict + id: + description: Resource UUID, Mandatory for update. + type: str + name: + description: Resource Name. + type: str + peap: + description: Allowed Protocols's peap. + suboptions: + allowPeapEapGtc: + description: AllowPeapEapGtc flag. + type: bool + allowPeapEapGtcPwdChange: + description: The allowPeapEapGtcPwdChange is required only if allowPeapEapGtc + is true, otherwise it must be ignored. + type: bool + allowPeapEapGtcPwdChangeRetries: + description: The allowPeapEapGtcPwdChangeRetries is required only if allowPeapEapGtc + is true, otherwise it must be ignored. Valid range is 0-3. + type: int + allowPeapEapMsChapV2: + description: AllowPeapEapMsChapV2 flag. + type: bool + allowPeapEapMsChapV2PwdChange: + description: The allowPeapEapMsChapV2PwdChange is required only if allowPeapEapMsChapV2 + is true, otherwise it must be ignored. + type: bool + allowPeapEapMsChapV2PwdChangeRetries: + description: The allowPeapEapMsChapV2PwdChangeRetries is required only if allowPeapEapMsChapV2 + is true, otherwise it must be ignored. Valid range is 0-3. + type: int + allowPeapEapTls: + description: AllowPeapEapTls flag. + type: bool + allowPeapEapTlsAuthOfExpiredCerts: + description: The allowPeapEapTlsAuthOfExpiredCerts is required only if allowPeapEapTls + is true, otherwise it must be ignored. + type: bool + allowPeapV0: + description: AllowPeapV0 flag. + type: bool + requireCryptobinding: + description: RequireCryptobinding flag. + type: bool + type: dict + preferredEapProtocol: + description: The preferredEapProtocol is required only if allowPreferredEapProtocol + is true, otherwise it must be ignored. Allowed Values - EAP_FAST, - PEAP, - LEAP, + - EAP_MD5, - EAP_TLS, - EAP_TTLS, - TEAP. + type: str + processHostLookup: + description: ProcessHostLookup flag. + type: bool + requireMessageAuth: + description: RequireMessageAuth flag. + type: bool + teap: + description: The teap is required only if allowTeap is true, otherwise it must be + ignored. The object teap contains the settings for TEAP protocol. + suboptions: + acceptClientCertDuringTunnelEst: + description: AcceptClientCertDuringTunnelEst flag. + type: bool + allowDowngradeMsk: + description: AllowDowngradeMsk flag. + type: bool + allowTeapEapMsChapV2: + description: AllowTeapEapMsChapV2 flag. + type: bool + allowTeapEapMsChapV2PwdChange: + description: The allowTeapEapMsChapV2PwdChange is required only if allowTeapEapMsChapV2 + is true, otherwise it must be ignored. + type: bool + allowTeapEapMsChapV2PwdChangeRetries: + description: The allowTeapEapMsChapV2PwdChangeRetries is required only if allowTeapEapMsChapV2 + is true, otherwise it must be ignored. Valid range is 0-3. + type: int + allowTeapEapTls: + description: AllowTeapEapTls flag. + type: bool + allowTeapEapTlsAuthOfExpiredCerts: + description: The allowTeapEapTlsAuthOfExpiredCerts is required only if allowTeapEapTls + is true, otherwise it must be ignored. + type: bool + enableEapChaining: + description: EnableEapChaining flag. + type: bool + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + allowed_protocols.AllowedProtocols.create_allowed_protocol, + allowed_protocols.AllowedProtocols.delete_allowed_protocol_by_id, + allowed_protocols.AllowedProtocols.update_allowed_protocol_by_id, + + - Paths used are + post /ers/config/allowedprotocols, + delete /ers/config/allowedprotocols/{id}, + put /ers/config/allowedprotocols/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.allowed_protocols: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowChap: true + allowEapFast: true + allowEapMd5: true + allowEapTls: true + allowEapTtls: true + allowLeap: true + allowMsChapV1: true + allowMsChapV2: true + allowPapAscii: true + allowPeap: true + allowPreferredEapProtocol: true + allowTeap: true + allowWeakCiphersForEap: true + description: string + eapFast: + allowEapFastEapGtc: true + allowEapFastEapGtcPwdChange: true + allowEapFastEapGtcPwdChangeRetries: 0 + allowEapFastEapMsChapV2: true + allowEapFastEapMsChapV2PwdChange: true + allowEapFastEapMsChapV2PwdChangeRetries: 0 + allowEapFastEapTls: true + allowEapFastEapTlsAuthOfExpiredCerts: true + eapFastDontUsePacsAcceptClientCert: true + eapFastDontUsePacsAllowMachineAuthentication: true + eapFastEnableEAPChaining: true + eapFastUsePacs: true + eapFastUsePacsAcceptClientCert: true + eapFastUsePacsAllowAnonymProvisioning: true + eapFastUsePacsAllowAuthenProvisioning: true + eapFastUsePacsAllowMachineAuthentication: true + eapFastUsePacsAuthorizationPacTtl: 0 + eapFastUsePacsAuthorizationPacTtlUnits: string + eapFastUsePacsMachinePacTtl: 0 + eapFastUsePacsMachinePacTtlUnits: string + eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning: true + eapFastUsePacsStatelessSessionResume: true + eapFastUsePacsTunnelPacTtl: 0 + eapFastUsePacsTunnelPacTtlUnits: string + eapFastUsePacsUseProactivePacUpdatePrecentage: 0 + eapTls: + allowEapTlsAuthOfExpiredCerts: true + eapTlsEnableStatelessSessionResume: true + eapTlsSessionTicketPrecentage: 0 + eapTlsSessionTicketTtl: 0 + eapTlsSessionTicketTtlUnits: string + eapTlsLBit: true + eapTtls: + eapTtlsChap: true + eapTtlsEapMd5: true + eapTtlsEapMsChapV2: true + eapTtlsEapMsChapV2PwdChange: true + eapTtlsEapMsChapV2PwdChangeRetries: 0 + eapTtlsMsChapV1: true + eapTtlsMsChapV2: true + eapTtlsPapAscii: true + id: string + name: string + peap: + allowPeapEapGtc: true + allowPeapEapGtcPwdChange: true + allowPeapEapGtcPwdChangeRetries: 0 + allowPeapEapMsChapV2: true + allowPeapEapMsChapV2PwdChange: true + allowPeapEapMsChapV2PwdChangeRetries: 0 + allowPeapEapTls: true + allowPeapEapTlsAuthOfExpiredCerts: true + allowPeapV0: true + requireCryptobinding: true + preferredEapProtocol: string + processHostLookup: true + requireMessageAuth: true + teap: + acceptClientCertDuringTunnelEst: true + allowDowngradeMsk: true + allowTeapEapMsChapV2: true + allowTeapEapMsChapV2PwdChange: true + allowTeapEapMsChapV2PwdChangeRetries: 0 + allowTeapEapTls: true + allowTeapEapTlsAuthOfExpiredCerts: true + enableEapChaining: true + +- name: Delete by id + cisco.ise.allowed_protocols: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.allowed_protocols: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowChap: true + allowEapFast: true + allowEapMd5: true + allowEapTls: true + allowEapTtls: true + allowLeap: true + allowMsChapV1: true + allowMsChapV2: true + allowPapAscii: true + allowPeap: true + allowPreferredEapProtocol: true + allowTeap: true + allowWeakCiphersForEap: true + description: string + eapFast: + allowEapFastEapGtc: true + allowEapFastEapGtcPwdChange: true + allowEapFastEapGtcPwdChangeRetries: 0 + allowEapFastEapMsChapV2: true + allowEapFastEapMsChapV2PwdChange: true + allowEapFastEapMsChapV2PwdChangeRetries: 0 + allowEapFastEapTls: true + allowEapFastEapTlsAuthOfExpiredCerts: true + eapFastDontUsePacsAcceptClientCert: true + eapFastDontUsePacsAllowMachineAuthentication: true + eapFastEnableEAPChaining: true + eapFastUsePacs: true + eapFastUsePacsAcceptClientCert: true + eapFastUsePacsAllowAnonymProvisioning: true + eapFastUsePacsAllowAuthenProvisioning: true + eapFastUsePacsAllowMachineAuthentication: true + eapFastUsePacsAuthorizationPacTtl: 0 + eapFastUsePacsAuthorizationPacTtlUnits: string + eapFastUsePacsMachinePacTtl: 0 + eapFastUsePacsMachinePacTtlUnits: string + eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning: true + eapFastUsePacsStatelessSessionResume: true + eapFastUsePacsTunnelPacTtl: 0 + eapFastUsePacsTunnelPacTtlUnits: string + eapFastUsePacsUseProactivePacUpdatePrecentage: 0 + eapTls: + allowEapTlsAuthOfExpiredCerts: true + eapTlsEnableStatelessSessionResume: true + eapTlsSessionTicketPrecentage: 0 + eapTlsSessionTicketTtl: 0 + eapTlsSessionTicketTtlUnits: string + eapTlsLBit: true + eapTtls: + eapTtlsChap: true + eapTtlsEapMd5: true + eapTtlsEapMsChapV2: true + eapTtlsEapMsChapV2PwdChange: true + eapTtlsEapMsChapV2PwdChangeRetries: 0 + eapTtlsMsChapV1: true + eapTtlsMsChapV2: true + eapTtlsPapAscii: true + name: string + peap: + allowPeapEapGtc: true + allowPeapEapGtcPwdChange: true + allowPeapEapGtcPwdChangeRetries: 0 + allowPeapEapMsChapV2: true + allowPeapEapMsChapV2PwdChange: true + allowPeapEapMsChapV2PwdChangeRetries: 0 + allowPeapEapTls: true + allowPeapEapTlsAuthOfExpiredCerts: true + allowPeapV0: true + requireCryptobinding: true + preferredEapProtocol: string + processHostLookup: true + requireMessageAuth: true + teap: + acceptClientCertDuringTunnelEst: true + allowDowngradeMsk: true + allowTeapEapMsChapV2: true + allowTeapEapMsChapV2PwdChange: true + allowTeapEapMsChapV2PwdChangeRetries: 0 + allowTeapEapTls: true + allowTeapEapTlsAuthOfExpiredCerts: true + enableEapChaining: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "eapTls": { + "allowEapTlsAuthOfExpiredCerts": true, + "eapTlsEnableStatelessSessionResume": true, + "eapTlsSessionTicketTtl": 0, + "eapTlsSessionTicketTtlUnits": "string", + "eapTlsSessionTicketPrecentage": 0 + }, + "peap": { + "allowPeapEapMsChapV2": true, + "allowPeapEapMsChapV2PwdChange": true, + "allowPeapEapMsChapV2PwdChangeRetries": 0, + "allowPeapEapGtc": true, + "allowPeapEapGtcPwdChange": true, + "allowPeapEapGtcPwdChangeRetries": 0, + "allowPeapEapTls": true, + "allowPeapEapTlsAuthOfExpiredCerts": true, + "requireCryptobinding": true, + "allowPeapV0": true + }, + "eapFast": { + "allowEapFastEapMsChapV2": true, + "allowEapFastEapMsChapV2PwdChange": true, + "allowEapFastEapMsChapV2PwdChangeRetries": 0, + "allowEapFastEapGtc": true, + "allowEapFastEapGtcPwdChange": true, + "allowEapFastEapGtcPwdChangeRetries": 0, + "allowEapFastEapTls": true, + "allowEapFastEapTlsAuthOfExpiredCerts": true, + "eapFastUsePacs": true, + "eapFastUsePacsTunnelPacTtl": 0, + "eapFastUsePacsTunnelPacTtlUnits": "string", + "eapFastUsePacsUseProactivePacUpdatePrecentage": 0, + "eapFastUsePacsAllowAnonymProvisioning": true, + "eapFastUsePacsAllowAuthenProvisioning": true, + "eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning": true, + "eapFastUsePacsAcceptClientCert": true, + "eapFastUsePacsMachinePacTtl": 0, + "eapFastUsePacsMachinePacTtlUnits": "string", + "eapFastUsePacsAllowMachineAuthentication": true, + "eapFastUsePacsStatelessSessionResume": true, + "eapFastUsePacsAuthorizationPacTtl": 0, + "eapFastUsePacsAuthorizationPacTtlUnits": "string", + "eapFastDontUsePacsAcceptClientCert": true, + "eapFastDontUsePacsAllowMachineAuthentication": true, + "eapFastEnableEAPChaining": true + }, + "eapTtls": { + "eapTtlsPapAscii": true, + "eapTtlsChap": true, + "eapTtlsMsChapV1": true, + "eapTtlsMsChapV2": true, + "eapTtlsEapMd5": true, + "eapTtlsEapMsChapV2": true, + "eapTtlsEapMsChapV2PwdChange": true, + "eapTtlsEapMsChapV2PwdChangeRetries": 0 + }, + "teap": { + "allowTeapEapMsChapV2": true, + "allowTeapEapMsChapV2PwdChange": true, + "allowTeapEapMsChapV2PwdChangeRetries": 0, + "allowTeapEapTls": true, + "allowTeapEapTlsAuthOfExpiredCerts": true, + "acceptClientCertDuringTunnelEst": true, + "enableEapChaining": true, + "allowDowngradeMsk": true + }, + "processHostLookup": true, + "allowPapAscii": true, + "allowChap": true, + "allowMsChapV1": true, + "allowMsChapV2": true, + "allowEapMd5": true, + "allowLeap": true, + "allowEapTls": true, + "allowEapTtls": true, + "allowEapFast": true, + "allowPeap": true, + "allowTeap": true, + "allowPreferredEapProtocol": true, + "preferredEapProtocol": "string", + "eapTlsLBit": true, + "allowWeakCiphersForEap": true, + "requireMessageAuth": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/allowed_protocols_info.py b/ansible_collections/cisco/ise/plugins/modules/allowed_protocols_info.py new file mode 100644 index 00000000..69241303 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/allowed_protocols_info.py @@ -0,0 +1,288 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: allowed_protocols_info +short_description: Information module for Allowed Protocols +description: +- Get all Allowed Protocols. +- Get Allowed Protocols by id. +- Get Allowed Protocols by name. +- This API allows the client to get all the allowed protocols. +- This API allows the client to get an allowed protocol by ID. +- This API allows the client to get an allowed protocol by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + allowed_protocols.AllowedProtocols.get_allowed_protocol_by_id, + allowed_protocols.AllowedProtocols.get_allowed_protocol_by_name, + allowed_protocols.AllowedProtocols.get_allowed_protocols_generator, + + - Paths used are + get /ers/config/allowedprotocols, + get /ers/config/allowedprotocols/name/{name}, + get /ers/config/allowedprotocols/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Allowed Protocols + cisco.ise.allowed_protocols_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Allowed Protocols by id + cisco.ise.allowed_protocols_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Allowed Protocols by name + cisco.ise.allowed_protocols_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "eapTls": { + "allowEapTlsAuthOfExpiredCerts": true, + "eapTlsEnableStatelessSessionResume": true, + "eapTlsSessionTicketTtl": 0, + "eapTlsSessionTicketTtlUnits": "string", + "eapTlsSessionTicketPrecentage": 0 + }, + "peap": { + "allowPeapEapMsChapV2": true, + "allowPeapEapMsChapV2PwdChange": true, + "allowPeapEapMsChapV2PwdChangeRetries": 0, + "allowPeapEapGtc": true, + "allowPeapEapGtcPwdChange": true, + "allowPeapEapGtcPwdChangeRetries": 0, + "allowPeapEapTls": true, + "allowPeapEapTlsAuthOfExpiredCerts": true, + "requireCryptobinding": true, + "allowPeapV0": true + }, + "eapFast": { + "allowEapFastEapMsChapV2": true, + "allowEapFastEapMsChapV2PwdChange": true, + "allowEapFastEapMsChapV2PwdChangeRetries": 0, + "allowEapFastEapGtc": true, + "allowEapFastEapGtcPwdChange": true, + "allowEapFastEapGtcPwdChangeRetries": 0, + "allowEapFastEapTls": true, + "allowEapFastEapTlsAuthOfExpiredCerts": true, + "eapFastUsePacs": true, + "eapFastUsePacsTunnelPacTtl": 0, + "eapFastUsePacsTunnelPacTtlUnits": "string", + "eapFastUsePacsUseProactivePacUpdatePrecentage": 0, + "eapFastUsePacsAllowAnonymProvisioning": true, + "eapFastUsePacsAllowAuthenProvisioning": true, + "eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning": true, + "eapFastUsePacsAcceptClientCert": true, + "eapFastUsePacsMachinePacTtl": 0, + "eapFastUsePacsMachinePacTtlUnits": "string", + "eapFastUsePacsAllowMachineAuthentication": true, + "eapFastUsePacsStatelessSessionResume": true, + "eapFastUsePacsAuthorizationPacTtl": 0, + "eapFastUsePacsAuthorizationPacTtlUnits": "string", + "eapFastDontUsePacsAcceptClientCert": true, + "eapFastDontUsePacsAllowMachineAuthentication": true, + "eapFastEnableEAPChaining": true + }, + "eapTtls": { + "eapTtlsPapAscii": true, + "eapTtlsChap": true, + "eapTtlsMsChapV1": true, + "eapTtlsMsChapV2": true, + "eapTtlsEapMd5": true, + "eapTtlsEapMsChapV2": true, + "eapTtlsEapMsChapV2PwdChange": true, + "eapTtlsEapMsChapV2PwdChangeRetries": 0 + }, + "teap": { + "allowTeapEapMsChapV2": true, + "allowTeapEapMsChapV2PwdChange": true, + "allowTeapEapMsChapV2PwdChangeRetries": 0, + "allowTeapEapTls": true, + "allowTeapEapTlsAuthOfExpiredCerts": true, + "acceptClientCertDuringTunnelEst": true, + "enableEapChaining": true, + "allowDowngradeMsk": true + }, + "processHostLookup": true, + "allowPapAscii": true, + "allowChap": true, + "allowMsChapV1": true, + "allowMsChapV2": true, + "allowEapMd5": true, + "allowLeap": true, + "allowEapTls": true, + "allowEapTtls": true, + "allowEapFast": true, + "allowPeap": true, + "allowTeap": true, + "allowPreferredEapProtocol": true, + "preferredEapProtocol": "string", + "eapTlsLBit": true, + "allowWeakCiphersForEap": true, + "requireMessageAuth": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "eapTls": { + "allowEapTlsAuthOfExpiredCerts": true, + "eapTlsEnableStatelessSessionResume": true, + "eapTlsSessionTicketTtl": 0, + "eapTlsSessionTicketTtlUnits": "string", + "eapTlsSessionTicketPrecentage": 0 + }, + "peap": { + "allowPeapEapMsChapV2": true, + "allowPeapEapMsChapV2PwdChange": true, + "allowPeapEapMsChapV2PwdChangeRetries": 0, + "allowPeapEapGtc": true, + "allowPeapEapGtcPwdChange": true, + "allowPeapEapGtcPwdChangeRetries": 0, + "allowPeapEapTls": true, + "allowPeapEapTlsAuthOfExpiredCerts": true, + "requireCryptobinding": true, + "allowPeapV0": true + }, + "eapFast": { + "allowEapFastEapMsChapV2": true, + "allowEapFastEapMsChapV2PwdChange": true, + "allowEapFastEapMsChapV2PwdChangeRetries": 0, + "allowEapFastEapGtc": true, + "allowEapFastEapGtcPwdChange": true, + "allowEapFastEapGtcPwdChangeRetries": 0, + "allowEapFastEapTls": true, + "allowEapFastEapTlsAuthOfExpiredCerts": true, + "eapFastUsePacs": true, + "eapFastUsePacsTunnelPacTtl": 0, + "eapFastUsePacsTunnelPacTtlUnits": "string", + "eapFastUsePacsUseProactivePacUpdatePrecentage": 0, + "eapFastUsePacsAllowAnonymProvisioning": true, + "eapFastUsePacsAllowAuthenProvisioning": true, + "eapFastUsePacsReturnAccessAcceptAfterAuthenticatedProvisioning": true, + "eapFastUsePacsAcceptClientCert": true, + "eapFastUsePacsMachinePacTtl": 0, + "eapFastUsePacsMachinePacTtlUnits": "string", + "eapFastUsePacsAllowMachineAuthentication": true, + "eapFastUsePacsStatelessSessionResume": true, + "eapFastUsePacsAuthorizationPacTtl": 0, + "eapFastUsePacsAuthorizationPacTtlUnits": "string", + "eapFastDontUsePacsAcceptClientCert": true, + "eapFastDontUsePacsAllowMachineAuthentication": true, + "eapFastEnableEAPChaining": true + }, + "eapTtls": { + "eapTtlsPapAscii": true, + "eapTtlsChap": true, + "eapTtlsMsChapV1": true, + "eapTtlsMsChapV2": true, + "eapTtlsEapMd5": true, + "eapTtlsEapMsChapV2": true, + "eapTtlsEapMsChapV2PwdChange": true, + "eapTtlsEapMsChapV2PwdChangeRetries": 0 + }, + "teap": { + "allowTeapEapMsChapV2": true, + "allowTeapEapMsChapV2PwdChange": true, + "allowTeapEapMsChapV2PwdChangeRetries": 0, + "allowTeapEapTls": true, + "allowTeapEapTlsAuthOfExpiredCerts": true, + "acceptClientCertDuringTunnelEst": true, + "enableEapChaining": true, + "allowDowngradeMsk": true + }, + "processHostLookup": true, + "allowPapAscii": true, + "allowChap": true, + "allowMsChapV1": true, + "allowMsChapV2": true, + "allowEapMd5": true, + "allowLeap": true, + "allowEapTls": true, + "allowEapTtls": true, + "allowEapFast": true, + "allowPeap": true, + "allowTeap": true, + "allowPreferredEapProtocol": true, + "preferredEapProtocol": "string", + "eapTlsLBit": true, + "allowWeakCiphersForEap": true, + "requireMessageAuth": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_apply.py b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_apply.py new file mode 100644 index 00000000..ebb530e2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_apply.py @@ -0,0 +1,66 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_endpoint_apply +short_description: Resource module for ANC Endpoint Apply +description: +- Manage operation update of the resource ANC Endpoint Apply. +- This API allows the client to apply the required configuration. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: ANC Endpoint Apply's additionalData. + elements: dict + suboptions: + name: + description: ANC Endpoint Apply's name. + type: str + value: + description: ANC Endpoint Apply's value. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_endpoint.AncEndpoint.apply_anc_endpoint, + + - Paths used are + put /ers/config/ancendpoint/apply, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.anc_endpoint_apply: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: macAddress + value: MAC address + - name: ipAddress + value: IP address + - name: policyName + value: Policy Name + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_monitor_status_info.py new file mode 100644 index 00000000..64b14136 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_monitor_status_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_endpoint_bulk_monitor_status_info +short_description: Information module for ANC Endpoint Bulk Monitor Status +description: +- Get ANC Endpoint Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_endpoint.AncEndpoint.monitor_bulk_status_anc_endpoint, + + - Paths used are + get /ers/config/ancendpoint/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get ANC Endpoint Bulk Monitor Status by id + cisco.ise.anc_endpoint_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkID": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_request.py new file mode 100644 index 00000000..f2d1971d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_endpoint_bulk_request +short_description: Resource module for ANC Endpoint Bulk Request +description: +- Manage operation update of the resource ANC Endpoint Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: ANC Endpoint Bulk Request's operationType. + type: str + resourceMediaType: + description: ANC Endpoint Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_endpoint.AncEndpoint.bulk_request_for_anc_endpoint, + + - Paths used are + put /ers/config/ancendpoint/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.anc_endpoint_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_clear.py b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_clear.py new file mode 100644 index 00000000..371f16a2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_clear.py @@ -0,0 +1,64 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_endpoint_clear +short_description: Resource module for ANC Endpoint Clear +description: +- Manage operation update of the resource ANC Endpoint Clear. +- This API allows the client to clear the required configuration. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: ANC Endpoint Clear's additionalData. + elements: dict + suboptions: + name: + description: ANC Endpoint Clear's name. + type: str + value: + description: ANC Endpoint Clear's value. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_endpoint.AncEndpoint.clear_anc_endpoint, + + - Paths used are + put /ers/config/ancendpoint/clear, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.anc_endpoint_clear: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: macAddress + value: MAC address + - name: ipAddress + value: IP address + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_info.py b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_info.py new file mode 100644 index 00000000..8a198d96 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_endpoint_info.py @@ -0,0 +1,143 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_endpoint_info +short_description: Information module for ANC Endpoint +description: +- Get all ANC Endpoint. +- Get ANC Endpoint by id. +- This API allows the client to get all the ANC endpoints. +- This API allows the client to get an ANC endpoint by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_endpoint.AncEndpoint.get_anc_endpoint_by_id, + anc_endpoint.AncEndpoint.get_anc_endpoint_generator, + + - Paths used are + get /ers/config/ancendpoint, + get /ers/config/ancendpoint/{id}, + +""" + +EXAMPLES = r""" +- name: Get all ANC Endpoint + cisco.ise.anc_endpoint_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get ANC Endpoint by id + cisco.ise.anc_endpoint_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "macAddress": "string", + "policyName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "macAddress": "string", + "policyName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_policy.py b/ansible_collections/cisco/ise/plugins/modules/anc_policy.py new file mode 100644 index 00000000..67ae179e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_policy.py @@ -0,0 +1,122 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_policy +short_description: Resource module for ANC Policy +description: +- Manage operations create, update and delete of the resource ANC Policy. +- This API allows the client to create an ANC policy. +- This API allows the client to delete an ANC policy. +- This API allows the client to update an ANC policy. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + actions: + description: '- QUARANTINE Allows you to use Exception policies (authorization policies) + to limit or deny an endpoint access to the network. - PORTBOUNCE Resets the port + on the network device to which the endpoint is connected. - SHUTDOWN Shuts down + the port on the network device to which the endpoint is connected. - RE_AUTHENTICATE + Re-authenticates the session from the endpoint.' + elements: str + type: list + id: + description: ANC Policy's id. + type: str + name: + description: ANC Policy's name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_policy.AncPolicy.create_anc_policy, + anc_policy.AncPolicy.delete_anc_policy_by_id, + anc_policy.AncPolicy.update_anc_policy_by_id, + + - Paths used are + post /ers/config/ancpolicy, + delete /ers/config/ancpolicy/{id}, + put /ers/config/ancpolicy/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.anc_policy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + actions: + - string + id: string + name: string + +- name: Delete by id + cisco.ise.anc_policy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.anc_policy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + actions: + - string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "actions": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ] + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_monitor_status_info.py new file mode 100644 index 00000000..1a3f9c08 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_monitor_status_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_policy_bulk_monitor_status_info +short_description: Information module for ANC Policy Bulk Monitor Status +description: +- Get ANC Policy Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_policy.AncPolicy.monitor_bulk_status_anc_policy, + + - Paths used are + get /ers/config/ancpolicy/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get ANC Policy Bulk Monitor Status by id + cisco.ise.anc_policy_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkID": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_request.py new file mode 100644 index 00000000..0161c722 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_policy_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_policy_bulk_request +short_description: Resource module for ANC Policy Bulk Request +description: +- Manage operation update of the resource ANC Policy Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: ANC Policy Bulk Request's operationType. + type: str + resourceMediaType: + description: ANC Policy Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_policy.AncPolicy.bulk_request_for_anc_policy, + + - Paths used are + put /ers/config/ancpolicy/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.anc_policy_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/anc_policy_info.py b/ansible_collections/cisco/ise/plugins/modules/anc_policy_info.py new file mode 100644 index 00000000..904267a3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/anc_policy_info.py @@ -0,0 +1,164 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: anc_policy_info +short_description: Information module for ANC Policy +description: +- Get all ANC Policy. +- Get ANC Policy by id. +- Get ANC Policy by name. +- This API allows the client to get all the ANC policies. +- This API allows the client to get an ANC policy by ID. +- This API allows the client to get an ANC policy by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + anc_policy.AncPolicy.get_anc_policy_by_id, + anc_policy.AncPolicy.get_anc_policy_by_name, + anc_policy.AncPolicy.get_anc_policy_generator, + + - Paths used are + get /ers/config/ancpolicy, + get /ers/config/ancpolicy/name/{name}, + get /ers/config/ancpolicy/{id}, + +""" + +EXAMPLES = r""" +- name: Get all ANC Policy + cisco.ise.anc_policy_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get ANC Policy by id + cisco.ise.anc_policy_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get ANC Policy by name + cisco.ise.anc_policy_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "actions": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "actions": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/authorization_profile.py b/ansible_collections/cisco/ise/plugins/modules/authorization_profile.py new file mode 100644 index 00000000..b00dd4aa --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/authorization_profile.py @@ -0,0 +1,403 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: authorization_profile +short_description: Resource module for Authorization Profile +description: +- Manage operations create, update and delete of the resource Authorization Profile. +- This API creates an authorization profile. +- This API deletes an authorization profile. +- This API allows the client to update an authorization profile. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + accessType: + description: Allowed Values - ACCESS_ACCEPT, - ACCESS_REJECT. + type: str + acl: + description: Authorization Profile's acl. + type: str + advancedAttributes: + description: Authorization Profile's advancedAttributes. + elements: dict + suboptions: + leftHandSideDictionaryAttribue: + description: Authorization Profile's leftHandSideDictionaryAttribue. + suboptions: + AdvancedAttributeValueType: + description: Authorization Profile's AdvancedAttributeValueType. + type: str + attributeName: + description: Authorization Profile's attributeName. + type: str + dictionaryName: + description: Authorization Profile's dictionaryName. + type: str + value: + description: Authorization Profile's value. + type: str + type: dict + rightHandSideAttribueValue: + description: Attribute value can be of type AttributeValue or AdvancedDictionaryAttribute. + For AttributeValue the value is String, For AdvancedDictionaryAttribute the + value is dictionaryName and attributeName properties. + suboptions: + AdvancedAttributeValueType: + description: Authorization Profile's AdvancedAttributeValueType. + type: str + attributeName: + description: Authorization Profile's attributeName. + type: str + dictionaryName: + description: Authorization Profile's dictionaryName. + type: str + value: + description: Authorization Profile's value. + type: str + type: dict + type: list + agentlessPosture: + description: AgentlessPosture flag. + type: bool + airespaceACL: + description: Authorization Profile's airespaceACL. + type: str + airespaceIPv6ACL: + description: Authorization Profile's airespaceIPv6ACL. + type: str + asaVpn: + description: Authorization Profile's asaVpn. + type: str + authzProfileType: + description: Allowed Values - SWITCH, - TRUSTSEC, - TACACS SWITCH is used for Standard + Authorization Profiles. + type: str + autoSmartPort: + description: Authorization Profile's autoSmartPort. + type: str + avcProfile: + description: Authorization Profile's avcProfile. + type: str + daclName: + description: Authorization Profile's daclName. + type: str + description: + description: Authorization Profile's description. + type: str + easywiredSessionCandidate: + description: EasywiredSessionCandidate flag. + type: bool + id: + description: Resource UUID value. + type: str + interfaceTemplate: + description: Authorization Profile's interfaceTemplate. + type: str + ipv6ACLFilter: + description: Authorization Profile's ipv6ACLFilter. + type: str + ipv6DaclName: + description: Authorization Profile's ipv6DaclName. + type: str + macSecPolicy: + description: Allowed Values - MUST_SECURE, - MUST_NOT_SECURE, - SHOULD_SECURE. + type: str + name: + description: Resource Name. + type: str + neat: + description: Neat flag. + type: bool + profileName: + description: Authorization Profile's profileName. + type: str + reauth: + description: Authorization Profile's reauth. + suboptions: + connectivity: + description: Allowed Values - DEFAULT, - RADIUS_REQUEST. + type: str + timer: + description: Valid range is 1-65535. + type: int + type: dict + serviceTemplate: + description: ServiceTemplate flag. + type: bool + trackMovement: + description: TrackMovement flag. + type: bool + vlan: + description: Authorization Profile's vlan. + suboptions: + nameID: + description: Authorization Profile's nameID. + type: str + tagID: + description: Valid range is 0-31. + type: int + type: dict + voiceDomainPermission: + description: VoiceDomainPermission flag. + type: bool + webAuth: + description: WebAuth flag. + type: bool + webRedirection: + description: Authorization Profile's webRedirection. + suboptions: + WebRedirectionType: + description: Value MUST be one of the following CentralizedWebAuth, HotSpot, + NativeSupplicanProvisioning, ClientProvisioning. The WebRedirectionType must + fit the portalName. + type: str + acl: + description: Authorization Profile's acl. + type: str + displayCertificatesRenewalMessages: + description: The displayCertificatesRenewalMessages is mandatory when 'WebRedirectionType' + value is 'CentralizedWebAuth'. For all other 'WebRedirectionType' values the + field must be ignored. + type: bool + portalName: + description: A portal that exist in the DB and fits the WebRedirectionType. + type: str + staticIPHostNameFQDN: + description: Authorization Profile's staticIPHostNameFQDN. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + authorization_profile.AuthorizationProfile.create_authorization_profile, + authorization_profile.AuthorizationProfile.delete_authorization_profile_by_id, + authorization_profile.AuthorizationProfile.update_authorization_profile_by_id, + + - Paths used are + post /ers/config/authorizationprofile, + delete /ers/config/authorizationprofile/{id}, + put /ers/config/authorizationprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.authorization_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + accessType: string + acl: string + advancedAttributes: + - leftHandSideDictionaryAttribue: + AdvancedAttributeValueType: string + attributeName: string + dictionaryName: string + value: string + rightHandSideAttribueValue: + AdvancedAttributeValueType: string + attributeName: string + dictionaryName: string + value: string + agentlessPosture: true + airespaceACL: string + airespaceIPv6ACL: string + asaVpn: string + authzProfileType: string + autoSmartPort: string + avcProfile: string + daclName: string + description: string + easywiredSessionCandidate: true + id: string + interfaceTemplate: string + ipv6ACLFilter: string + ipv6DaclName: string + macSecPolicy: string + name: string + neat: true + profileName: string + reauth: + connectivity: string + timer: 0 + serviceTemplate: true + trackMovement: true + vlan: + nameID: string + tagID: 0 + voiceDomainPermission: true + webAuth: true + webRedirection: + WebRedirectionType: string + acl: string + displayCertificatesRenewalMessages: true + portalName: string + staticIPHostNameFQDN: string + +- name: Delete by id + cisco.ise.authorization_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.authorization_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + accessType: string + acl: string + advancedAttributes: + - leftHandSideDictionaryAttribue: + AdvancedAttributeValueType: string + attributeName: string + dictionaryName: string + value: string + rightHandSideAttribueValue: + AdvancedAttributeValueType: string + attributeName: string + dictionaryName: string + value: string + agentlessPosture: true + airespaceACL: string + airespaceIPv6ACL: string + asaVpn: string + authzProfileType: string + autoSmartPort: string + avcProfile: string + daclName: string + description: string + easywiredSessionCandidate: true + id: string + interfaceTemplate: string + ipv6ACLFilter: string + ipv6DaclName: string + macSecPolicy: string + name: string + neat: true + profileName: string + reauth: + connectivity: string + timer: 0 + serviceTemplate: true + trackMovement: true + vlan: + nameID: string + tagID: 0 + voiceDomainPermission: true + webAuth: true + webRedirection: + WebRedirectionType: string + acl: string + displayCertificatesRenewalMessages: true + portalName: string + staticIPHostNameFQDN: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "advancedAttributes": [ + { + "leftHandSideDictionaryAttribue": { + "AdvancedAttributeValueType": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string" + }, + "rightHandSideAttribueValue": { + "AdvancedAttributeValueType": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string" + } + } + ], + "accessType": "string", + "authzProfileType": "string", + "vlan": { + "nameID": "string", + "tagID": 0 + }, + "reauth": { + "timer": 0, + "connectivity": "string" + }, + "airespaceACL": "string", + "airespaceIPv6ACL": "string", + "webRedirection": { + "WebRedirectionType": "string", + "acl": "string", + "portalName": "string", + "staticIPHostNameFQDN": "string", + "displayCertificatesRenewalMessages": true + }, + "acl": "string", + "trackMovement": true, + "agentlessPosture": true, + "serviceTemplate": true, + "easywiredSessionCandidate": true, + "daclName": "string", + "voiceDomainPermission": true, + "neat": true, + "webAuth": true, + "autoSmartPort": "string", + "interfaceTemplate": "string", + "ipv6ACLFilter": "string", + "avcProfile": "string", + "macSecPolicy": "string", + "asaVpn": "string", + "profileName": "string", + "ipv6DaclName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/authorization_profile_info.py b/ansible_collections/cisco/ise/plugins/modules/authorization_profile_info.py new file mode 100644 index 00000000..c4b89790 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/authorization_profile_info.py @@ -0,0 +1,226 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: authorization_profile_info +short_description: Information module for Authorization Profile +description: +- Get all Authorization Profile. +- Get Authorization Profile by id. +- Get Authorization Profile by name. +- This API allows the client to get all authorization profiles. +- This API allows the client to get an authorization profile by ID. +- This API allows the client to get an authorization profile by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + authorization_profile.AuthorizationProfile.get_authorization_profile_by_id, + authorization_profile.AuthorizationProfile.get_authorization_profile_by_name, + authorization_profile.AuthorizationProfile.get_authorization_profiles_generator, + + - Paths used are + get /ers/config/authorizationprofile, + get /ers/config/authorizationprofile/name/{name}, + get /ers/config/authorizationprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Authorization Profile + cisco.ise.authorization_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Authorization Profile by id + cisco.ise.authorization_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Authorization Profile by name + cisco.ise.authorization_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "advancedAttributes": [ + { + "leftHandSideDictionaryAttribue": { + "AdvancedAttributeValueType": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string" + }, + "rightHandSideAttribueValue": { + "AdvancedAttributeValueType": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string" + } + } + ], + "accessType": "string", + "authzProfileType": "string", + "vlan": { + "nameID": "string", + "tagID": 0 + }, + "reauth": { + "timer": 0, + "connectivity": "string" + }, + "airespaceACL": "string", + "airespaceIPv6ACL": "string", + "webRedirection": { + "WebRedirectionType": "string", + "acl": "string", + "portalName": "string", + "staticIPHostNameFQDN": "string", + "displayCertificatesRenewalMessages": true + }, + "acl": "string", + "trackMovement": true, + "agentlessPosture": true, + "serviceTemplate": true, + "easywiredSessionCandidate": true, + "daclName": "string", + "voiceDomainPermission": true, + "neat": true, + "webAuth": true, + "autoSmartPort": "string", + "interfaceTemplate": "string", + "ipv6ACLFilter": "string", + "avcProfile": "string", + "macSecPolicy": "string", + "asaVpn": "string", + "profileName": "string", + "ipv6DaclName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "advancedAttributes": [ + { + "leftHandSideDictionaryAttribue": { + "AdvancedAttributeValueType": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string" + }, + "rightHandSideAttribueValue": { + "AdvancedAttributeValueType": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string" + } + } + ], + "accessType": "string", + "authzProfileType": "string", + "vlan": { + "nameID": "string", + "tagID": 0 + }, + "reauth": { + "timer": 0, + "connectivity": "string" + }, + "airespaceACL": "string", + "airespaceIPv6ACL": "string", + "webRedirection": { + "WebRedirectionType": "string", + "acl": "string", + "portalName": "string", + "staticIPHostNameFQDN": "string", + "displayCertificatesRenewalMessages": true + }, + "acl": "string", + "trackMovement": true, + "agentlessPosture": true, + "serviceTemplate": true, + "easywiredSessionCandidate": true, + "daclName": "string", + "voiceDomainPermission": true, + "neat": true, + "webAuth": true, + "autoSmartPort": "string", + "interfaceTemplate": "string", + "ipv6ACLFilter": "string", + "avcProfile": "string", + "macSecPolicy": "string", + "asaVpn": "string", + "profileName": "string", + "ipv6DaclName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/backup_cancel.py b/ansible_collections/cisco/ise/plugins/modules/backup_cancel.py new file mode 100644 index 00000000..421c086d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/backup_cancel.py @@ -0,0 +1,70 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: backup_cancel +short_description: Resource module for Backup Cancel +description: +- Manage operation create of the resource Backup Cancel. +- Cancels the backup job running on the node. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Backup And Restore + description: Complete reference of the Backup And Restore API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!backup-and-restore-open-api +notes: + - SDK Method used are + backup_and_restore.BackupAndRestore.cancel_backup, + + - Paths used are + post /api/v1/backup-restore/config/cancel-backup, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.backup_cancel: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "action": "string", + "details": "string", + "error": "string", + "hostName": "string", + "initiatedFrom": "string", + "justComplete": "string", + "message": "string", + "name": "string", + "percentComplete": "string", + "repository": "string", + "scheduled": "string", + "startDate": "string", + "status": "string", + "type": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/backup_config.py b/ansible_collections/cisco/ise/plugins/modules/backup_config.py new file mode 100644 index 00000000..ce5a43eb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/backup_config.py @@ -0,0 +1,80 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: backup_config +short_description: Resource module for Backup Config +description: +- Manage operation create of the resource Backup Config. +- Triggers on demand configuration backup on the ISE node. The API returns the task ID. Use the Task Service status API to get the status of the backup job. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + backupEncryptionKey: + description: The encyption key for the backed up file. Encryption key must satisfy + the following criteria - Contains at least one uppercase letter A-Z, Contains + at least one lowercase letter a-z, Contains at least one digit 0-9, Contain only + A-Za-z0-9_#, Has at least 8 characters, Has not more than 15 characters, Must + not contain 'CcIiSsCco', Must not begin with. + type: str + backupName: + description: The backup file will get saved with this name. + type: str + repositoryName: + description: Name of the configured repository where the generated backup file will + get copied. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Backup And Restore + description: Complete reference of the Backup And Restore API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!backup-and-restore-open-api +notes: + - SDK Method used are + backup_and_restore.BackupAndRestore.config_backup, + + - Paths used are + post /api/v1/backup-restore/config/backup, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.backup_config: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + backupEncryptionKey: string + backupName: string + repositoryName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/backup_last_status_info.py b/ansible_collections/cisco/ise/plugins/modules/backup_last_status_info.py new file mode 100644 index 00000000..9b176d70 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/backup_last_status_info.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: backup_last_status_info +short_description: Information module for Backup Last Status +description: +- Get all Backup Last Status. +- Gives the last backup status. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Backup And Restore + description: Complete reference of the Backup And Restore API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!backup-and-restore-open-api +notes: + - SDK Method used are + backup_and_restore.BackupAndRestore.get_last_config_backup_status, + + - Paths used are + get /api/v1/backup-restore/config/last-backup-status, + +""" + +EXAMPLES = r""" +- name: Get all Backup Last Status + cisco.ise.backup_last_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "action": "string", + "details": "string", + "error": "string", + "hostName": "string", + "initiatedFrom": "string", + "justComplete": "string", + "message": "string", + "name": "string", + "percentComplete": "string", + "repository": "string", + "scheduled": "string", + "startDate": "string", + "status": "string", + "type": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/backup_restore.py b/ansible_collections/cisco/ise/plugins/modules/backup_restore.py new file mode 100644 index 00000000..1480f8d6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/backup_restore.py @@ -0,0 +1,80 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: backup_restore +short_description: Resource module for Backup RESTore +description: +- Manage operation create of the resource Backup RESTore. +- Triggers a configuration DB restore job on the ISE node. The API returns the task ID. Use the Task Service status API to get the status of the backup job. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + backupEncryptionKey: + description: The encryption key which was provided at the time of taking backup. + type: str + repositoryName: + description: Name of the configred repository where the backup file exists. + type: str + restoreFile: + description: Name of the backup file to be restored on ISE node. + type: str + restoreIncludeAdeos: + description: Determines whether the ADE-OS configure is restored. Possible values + true, false. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Backup And Restore + description: Complete reference of the Backup And Restore API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!backup-and-restore-open-api +notes: + - SDK Method used are + backup_and_restore.BackupAndRestore.restore_config_backup, + + - Paths used are + post /api/v1/backup-restore/config/restore, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.backup_restore: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + backupEncryptionKey: string + repositoryName: string + restoreFile: string + restoreIncludeAdeos: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/backup_schedule_config.py b/ansible_collections/cisco/ise/plugins/modules/backup_schedule_config.py new file mode 100644 index 00000000..74ab9ab7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/backup_schedule_config.py @@ -0,0 +1,113 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: backup_schedule_config +short_description: Resource module for Backup Schedule Config +description: +- Manage operation create of the resource Backup Schedule Config. +- Schedules the configuration backup on the ISE node as per the input parameters. This API helps in creating the schedule for the first time. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + backupDescription: + description: Description of the backup. + type: str + backupEncryptionKey: + description: The encyption key for the backed up file. Encryption key must satisfy + the following criteria - Contains at least one uppercase letter A-Z, Contains + at least one lowercase letter a-z, Contains at least one digit 0-9, Contain only + A-Za-z0-9_#, Has at least 8 characters, Has not more than 15 characters, Must + not contain 'CcIiSsCco', Must not begin with. + type: str + backupName: + description: The backup file will get saved with this name. + type: str + endDate: + description: End date of the scheduled backup job. Allowed format MM/DD/YYYY. End + date is not required in case of ONE_TIME frequency. + type: str + frequency: + description: Backup Schedule Config's frequency. + type: str + monthDay: + description: Day of month you want backup to be performed on when scheduled frequency + is MONTHLY. Allowed values - from 1 to 28. + type: str + repositoryName: + description: Name of the configured repository where the generated backup file will + get copied. + type: str + startDate: + description: Start date for scheduling the backup job. Allowed format MM/DD/YYYY. + type: str + status: + description: Backup Schedule Config's status. + type: str + time: + description: Time at which backup job get scheduled. Example- 12 00 AM. + type: str + weekDay: + description: Backup Schedule Config's weekDay. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Backup And Restore + description: Complete reference of the Backup And Restore API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!backup-and-restore-open-api +notes: + - SDK Method used are + backup_and_restore.BackupAndRestore.create_scheduled_config_backup, + + - Paths used are + post /api/v1/backup-restore/config/schedule-config-backup, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.backup_schedule_config: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + backupDescription: string + backupEncryptionKey: string + backupName: string + endDate: string + frequency: string + monthDay: string + repositoryName: string + startDate: string + status: string + time: string + weekDay: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "message": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/backup_schedule_config_update.py b/ansible_collections/cisco/ise/plugins/modules/backup_schedule_config_update.py new file mode 100644 index 00000000..9babddc2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/backup_schedule_config_update.py @@ -0,0 +1,113 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: backup_schedule_config_update +short_description: Resource module for Backup Schedule Config Update +description: +- Manage operation update of the resource Backup Schedule Config Update. +- Update the Schedule of the configuration backup on the ISE node as per the input parameters. This API only helps in editing the schedule. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + backupDescription: + description: Description of the backup. + type: str + backupEncryptionKey: + description: The encyption key for the backed up file. Encryption key must satisfy + the following criteria - Contains at least one uppercase letter A-Z, Contains + at least one lowercase letter a-z, Contains at least one digit 0-9, Contain only + A-Za-z0-9_#, Has at least 8 characters, Has not more than 15 characters, Must + not contain 'CcIiSsCco', Must not begin with. + type: str + backupName: + description: The backup file will get saved with this name. + type: str + endDate: + description: End date of the scheduled backup job. Allowed format MM/DD/YYYY. End + date is not required in case of ONE_TIME frequency. + type: str + frequency: + description: Backup Schedule Config Update's frequency. + type: str + monthDay: + description: Day of month you want backup to be performed on when scheduled frequency + is MONTHLY. Allowed values - from 1 to 28. + type: str + repositoryName: + description: Name of the configured repository where the generated backup file will + get copied. + type: str + startDate: + description: Start date for scheduling the backup job. Allowed format MM/DD/YYYY. + type: str + status: + description: Backup Schedule Config Update's status. + type: str + time: + description: Time at which backup job get scheduled. Example- 12 00 AM. + type: str + weekDay: + description: Backup Schedule Config Update's weekDay. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Backup And Restore + description: Complete reference of the Backup And Restore API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!backup-and-restore-open-api +notes: + - SDK Method used are + backup_and_restore.BackupAndRestore.update_scheduled_config_backup, + + - Paths used are + put /api/v1/backup-restore/config/schedule-config-backup, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.backup_schedule_config_update: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + backupDescription: string + backupEncryptionKey: string + backupName: string + endDate: string + frequency: string + monthDay: string + repositoryName: string + startDate: string + status: string + time: string + weekDay: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "message": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/bind_signed_certificate.py b/ansible_collections/cisco/ise/plugins/modules/bind_signed_certificate.py new file mode 100644 index 00000000..74576e8c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/bind_signed_certificate.py @@ -0,0 +1,126 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: bind_signed_certificate +short_description: Resource module for Bind Signed Certificate +description: +- Manage operation create of the resource Bind Signed Certificate. +- Bind CA Signed Certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + admin: + description: Use certificate to authenticate the Cisco ISE Admin Portal. + type: bool + allowExtendedValidity: + description: Allow import of certificates with validity greater than 398 days (required). + type: bool + allowOutOfDateCert: + description: Allow out of date certificates (required). + type: bool + allowReplacementOfCertificates: + description: Allow Replacement of certificates (required). + type: bool + allowReplacementOfPortalGroupTag: + description: Allow Replacement of Portal Group Tag (required). + type: bool + data: + description: Signed certificate data (required). + type: str + eap: + description: Use certificate for EAP protocols that use SSL/TLS tunneling. + type: bool + hostName: + description: Name of Host whose CSR ID has been provided (required). + type: str + id: + description: ID of the generated CSR (required). + type: str + ims: + description: Use certificate for the Cisco ISE Messaging Service. + type: bool + name: + description: Friendly Name of the certificate. + type: str + portal: + description: Use for portal. + type: bool + portalGroupTag: + description: Set Group tag. + type: str + pxgrid: + description: Use certificate for the pxGrid Controller. + type: bool + radius: + description: Use certificate for the RADSec server. + type: bool + saml: + description: Use certificate for SAML Signing. + type: bool + validateCertificateExtensions: + description: Validate Certificate Extensions. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.bind_csr, + + - Paths used are + post /api/v1/certs/signed-certificate/bind, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.bind_signed_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + admin: true + allowExtendedValidity: true + allowOutOfDateCert: true + allowReplacementOfCertificates: true + allowReplacementOfPortalGroupTag: true + data: string + eap: true + hostName: string + id: string + ims: true + name: string + portal: true + portalGroupTag: string + pxgrid: true + radius: true + saml: true + validateCertificateExtensions: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "message": "string", + "status": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/byod_portal.py b/ansible_collections/cisco/ise/plugins/modules/byod_portal.py new file mode 100644 index 00000000..c3b77fad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/byod_portal.py @@ -0,0 +1,561 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: byod_portal +short_description: Resource module for BYOD Portal +description: +- Manage operations create, update and delete of the resource BYOD Portal. +- This API creates a BYOD portal. +- This API deletes a BYOD portal by ID. +- This API allows the client to update a BYOD portal by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customizations: + description: Defines all of the Portal Customizations available for a BYOD. + suboptions: + globalCustomizations: + description: Represent the portal Global customizations. + suboptions: + backgroundImage: + description: BYOD Portal's backgroundImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerImage: + description: BYOD Portal's bannerImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerTitle: + description: BYOD Portal's bannerTitle. + type: str + contactText: + description: BYOD Portal's contactText. + type: str + desktopLogoImage: + description: BYOD Portal's desktopLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + footerElement: + description: BYOD Portal's footerElement. + type: str + mobileLogoImage: + description: BYOD Portal's mobileLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + type: dict + language: + description: This property is supported only for Read operation and it allows + to show the customizations in English. Other languages are not supported. + suboptions: + viewLanguage: + description: BYOD Portal's viewLanguage. + type: str + type: dict + pageCustomizations: + description: Represent the entire page customization as a giant dictionary. + suboptions: + data: + description: The Dictionary will be exposed here as key value pair. + elements: dict + suboptions: + key: + description: BYOD Portal's key. + type: str + value: + description: BYOD Portal's value. + type: str + type: list + type: dict + portalTheme: + description: Defines the configuration for portal theme. + suboptions: + id: + description: The unique internal identifier of the portal theme. + type: str + name: + description: The system- or user-assigned name of the portal theme. + type: str + themeData: + description: A CSS file, represented as a Base64-encoded byte array. + type: str + type: dict + portalTweakSettings: + description: The Tweak Settings are a customization of the Portal Theme that + has been selected for the portal. When the Portal Theme selection is changed, + the Tweak Settings are overwritten to match the values in the theme. The Tweak + Settings can subsequently be changed by the user. + suboptions: + bannerColor: + description: Hex value of color. + type: str + bannerTextColor: + description: BYOD Portal's bannerTextColor. + type: str + pageBackgroundColor: + description: BYOD Portal's pageBackgroundColor. + type: str + pageLabelAndTextColor: + description: BYOD Portal's pageLabelAndTextColor. + type: str + type: dict + type: dict + description: + description: BYOD Portal's description. + type: str + id: + description: Resource UUID, mandatory for update. + type: str + name: + description: Resource Name. + type: str + portalTestUrl: + description: URL to bring up a test page for this portal. + type: str + portalType: + description: Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, + - SPONSOR, - SPONSOREDGUEST. + type: str + settings: + description: Defines all of the settings groups available for a BYOD. + suboptions: + byodSettings: + description: Configuration of BYOD Device Welcome, Registration and Success + steps. + suboptions: + byodRegistrationSettings: + description: BYOD Portal's byodRegistrationSettings. + suboptions: + endPointIdentityGroupId: + description: BYOD Portal's endPointIdentityGroupId. + type: str + showDeviceID: + description: ShowDeviceID flag. + type: bool + type: dict + byodRegistrationSuccessSettings: + description: BYOD Portal's byodRegistrationSuccessSettings. + suboptions: + redirectUrl: + description: Target URL for redirection, used when successRedirect = + URL. + type: str + successRedirect: + description: After an Authentication Success where should device be + redirected. Allowed values. + type: str + type: dict + byodWelcomeSettings: + description: Configuration of BYOD endpoint welcome step configuration. + suboptions: + aupDisplay: + description: How the AUP should be displayed, either on page or as a + link. Only valid if includeAup = true. Allowed values - ONPAGE, - + ASLINK. + type: str + enableBYOD: + description: EnableBYOD flag. + type: bool + enableGuestAccess: + description: EnableGuestAccess flag. + type: bool + includeAup: + description: IncludeAup flag. + type: bool + requireAupAcceptance: + description: RequireAupAcceptance flag. + type: bool + requireMDM: + description: RequireMDM flag. + type: bool + requireScrolling: + description: Require BYOD devices to scroll down to the bottom of the + AUP, Only valid if includeAup = true. + type: bool + type: dict + type: dict + portalSettings: + description: The port, interface, certificate, and other basic settings of a + portal. + suboptions: + allowedInterfaces: + description: Interfaces that the portal will be reachable on. Allowed values + - eth0, - eth1, - eth2, - eth3, - eth4, - eth5, - bond0, - bond1, - bond2. + elements: str + type: list + alwaysUsedLanguage: + description: Used when displayLang = ALWAYSUSE. + type: str + certificateGroupTag: + description: Logical name of the x.509 server certificate that will be used + for the portal. + type: str + displayLang: + description: Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. + type: str + endpointIdentityGroup: + description: Unique Id of the endpoint identity group where user's devices + will be added. Used only in Hotspot Portal. + type: str + fallbackLanguage: + description: Used when displayLang = USEBROWSERLOCALE. + type: str + httpsPort: + description: The port number that the allowed interfaces will listen on. + Range from 8000 to 8999. + type: int + type: dict + supportInfoSettings: + description: BYOD Portal's supportInfoSettings. + suboptions: + defaultEmptyFieldValue: + description: The default value displayed for an empty field. Only valid + when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. + type: str + emptyFieldDisplay: + description: Specifies how empty fields are handled on the Support Information + Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. + type: str + includeBrowserUserAgent: + description: IncludeBrowserUserAgent flag. + type: bool + includeFailureCode: + description: IncludeFailureCode flag. + type: bool + includeIpAddress: + description: IncludeIpAddress flag. + type: bool + includeMacAddr: + description: IncludeMacAddr flag. + type: bool + includePolicyServer: + description: IncludePolicyServer flag. + type: bool + includeSupportInfoPage: + description: IncludeSupportInfoPage flag. + type: bool + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + byod_portal.ByodPortal.create_byod_portal, + byod_portal.ByodPortal.delete_byod_portal_by_id, + byod_portal.ByodPortal.update_byod_portal_by_id, + + - Paths used are + post /ers/config/byodportal, + delete /ers/config/byodportal/{id}, + put /ers/config/byodportal/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.byod_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + byodSettings: + byodRegistrationSettings: + endPointIdentityGroupId: string + showDeviceID: true + byodRegistrationSuccessSettings: + redirectUrl: string + successRedirect: string + byodWelcomeSettings: + aupDisplay: string + enableBYOD: true + enableGuestAccess: true + includeAup: true + requireAupAcceptance: true + requireMDM: true + requireScrolling: true + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + certificateGroupTag: string + displayLang: string + endpointIdentityGroup: string + fallbackLanguage: string + httpsPort: 0 + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +- name: Delete by id + cisco.ise.byod_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.byod_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + byodSettings: + byodRegistrationSettings: + endPointIdentityGroupId: string + showDeviceID: true + byodRegistrationSuccessSettings: + redirectUrl: string + successRedirect: string + byodWelcomeSettings: + aupDisplay: string + enableBYOD: true + enableGuestAccess: true + includeAup: true + requireAupAcceptance: true + requireMDM: true + requireScrolling: true + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + certificateGroupTag: string + displayLang: string + endpointIdentityGroup: string + fallbackLanguage: string + httpsPort: 0 + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/byod_portal_info.py b/ansible_collections/cisco/ise/plugins/modules/byod_portal_info.py new file mode 100644 index 00000000..ed187dfa --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/byod_portal_info.py @@ -0,0 +1,313 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: byod_portal_info +short_description: Information module for BYOD Portal +description: +- Get all BYOD Portal. +- Get BYOD Portal by id. +- This API allows the client to get a BYOD portal by ID. +- This API allows the client to get all the BYOD portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Portal id. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + byod_portal.ByodPortal.get_byod_portal_by_id, + byod_portal.ByodPortal.get_byod_portal_generator, + + - Paths used are + get /ers/config/byodportal, + get /ers/config/byodportal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all BYOD Portal + cisco.ise.byod_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get BYOD Portal by id + cisco.ise.byod_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/certificate_profile.py b/ansible_collections/cisco/ise/plugins/modules/certificate_profile.py new file mode 100644 index 00000000..dcddcd19 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/certificate_profile.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: certificate_profile +short_description: Resource module for Certificate Profile +description: +- Manage operations create and update of the resource Certificate Profile. +- This API allows the client to create a certificate profile. +- This API allows the client to update a certificate profile. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowedAsUserName: + description: AllowedAsUserName flag. + type: bool + certificateAttributeName: + description: Attribute name of the Certificate Profile - used only when CERTIFICATE + is chosen in usernameFrom. Allowed values - SUBJECT_COMMON_NAME - SUBJECT_ALTERNATIVE_NAME + - SUBJECT_SERIAL_NUMBER - SUBJECT - SUBJECT_ALTERNATIVE_NAME_OTHER_NAME - SUBJECT_ALTERNATIVE_NAME_EMAIL + - SUBJECT_ALTERNATIVE_NAME_DNS. - Additional internal value ALL_SUBJECT_AND_ALTERNATIVE_NAMES + is used automatically when usernameFrom=UPN. + type: str + description: + description: Certificate Profile's description. + type: str + externalIdentityStoreName: + description: Referred IDStore name for the Certificate Profile or not applicable + in case no identity store is chosen. + type: str + id: + description: Certificate Profile's id. + type: str + matchMode: + description: Match mode of the Certificate Profile. Allowed values - NEVER - RESOLVE_IDENTITY_AMBIGUITY + - BINARY_COMPARISON. + type: str + name: + description: Certificate Profile's name. + type: str + usernameFrom: + description: The attribute in the certificate where the user name should be taken + from. Allowed values - CERTIFICATE (for a specific attribute as defined in certificateAttributeName) + - UPN (for using any Subject or Alternative Name Attributes in the Certificate + - an option only in AD). + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + certificate_profile.CertificateProfile.create_certificate_profile, + certificate_profile.CertificateProfile.update_certificate_profile_by_id, + + - Paths used are + post /ers/config/certificateprofile, + put /ers/config/certificateprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.certificate_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowedAsUserName: true + certificateAttributeName: string + description: string + externalIdentityStoreName: string + id: string + matchMode: string + name: string + usernameFrom: string + +- name: Create + cisco.ise.certificate_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowedAsUserName: true + certificateAttributeName: string + description: string + externalIdentityStoreName: string + id: string + matchMode: string + name: string + usernameFrom: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "externalIdentityStoreName": "string", + "certificateAttributeName": "string", + "allowedAsUserName": true, + "matchMode": "string", + "usernameFrom": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ] + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/certificate_profile_info.py b/ansible_collections/cisco/ise/plugins/modules/certificate_profile_info.py new file mode 100644 index 00000000..d996fb14 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/certificate_profile_info.py @@ -0,0 +1,132 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: certificate_profile_info +short_description: Information module for Certificate Profile +description: +- Get all Certificate Profile. +- Get Certificate Profile by id. +- Get Certificate Profile by name. +- This API allows the client to get a certificate profile by ID. +- This API allows the client to get a certificate profile by name. +- This API allows the client to get all the certificate profiles. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + certificate_profile.CertificateProfile.get_certificate_profile_by_id, + certificate_profile.CertificateProfile.get_certificate_profile_by_name, + certificate_profile.CertificateProfile.get_certificate_profile_generator, + + - Paths used are + get /ers/config/certificateprofile, + get /ers/config/certificateprofile/name/{name}, + get /ers/config/certificateprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Certificate Profile + cisco.ise.certificate_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Certificate Profile by id + cisco.ise.certificate_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Certificate Profile by name + cisco.ise.certificate_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "externalIdentityStoreName": "string", + "certificateAttributeName": "string", + "allowedAsUserName": true, + "matchMode": "string", + "usernameFrom": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "externalIdentityStoreName": "string", + "certificateAttributeName": "string", + "allowedAsUserName": true, + "matchMode": "string", + "usernameFrom": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/certificate_template_info.py b/ansible_collections/cisco/ise/plugins/modules/certificate_template_info.py new file mode 100644 index 00000000..4d6d0d18 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/certificate_template_info.py @@ -0,0 +1,118 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: certificate_template_info +short_description: Information module for Certificate Template +description: +- Get all Certificate Template. +- Get Certificate Template by id. +- Get Certificate Template by name. +- This API allows the client to get a certificate template by ID. +- This API allows the client to get a certificate template by name. +- This API allows the client to get aall the certificate templates. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + certificate_template.CertificateTemplate.get_certificate_template_by_id, + certificate_template.CertificateTemplate.get_certificate_template_by_name, + certificate_template.CertificateTemplate.get_certificate_template_generator, + + - Paths used are + get /ers/config/certificatetemplate/, + get /ers/config/certificatetemplate/name/{name}, + get /ers/config/certificatetemplate/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Certificate Template + cisco.ise.certificate_template_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Certificate Template by id + cisco.ise.certificate_template_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Certificate Template by name + cisco.ise.certificate_template_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "keySize": 0, + "validityPeriod": 0, + "raprofile": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "keySize": 0, + "validityPeriod": 0, + "raprofile": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/csr_delete.py b/ansible_collections/cisco/ise/plugins/modules/csr_delete.py new file mode 100644 index 00000000..13d1f134 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/csr_delete.py @@ -0,0 +1,66 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: csr_delete +short_description: Resource module for CSR Delete +description: +- Manage operation delete of the resource CSR Delete. +- This API deletes a Certificate Signing Request of a particular node based on given HostName and ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostName: + description: HostName path parameter. Name of the host of which CSR's should be + deleted. + type: str + id: + description: Id path parameter. ID of the Certificate Signing Request to be deleted. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.delete_csr_by_id, + + - Paths used are + delete /api/v1/certs/certificate-signing-request/{hostName}/{id}, + +""" + +EXAMPLES = r""" +- name: Delete by id + cisco.ise.csr_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostName: string + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/csr_export_info.py b/ansible_collections/cisco/ise/plugins/modules/csr_export_info.py new file mode 100644 index 00000000..a1f8b85e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/csr_export_info.py @@ -0,0 +1,80 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: csr_export_info +short_description: Information module for CSR Export +description: +- Get CSR Export by id. +- Response of this API carries a CSR corresponding to the requested ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + hostname: + description: + - Hostname path parameter. Hostname to which the CSR belongs. + type: str + id: + description: + - Id path parameter. ID of the CSR to be exported. + type: str + dirPath: + description: + - Directory absolute path. Defaults to the current working directory. + type: str + saveFile: + description: + - Enable or disable automatic file creation of raw response. + type: bool + filename: + description: + - The filename used to save the download file. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.export_csr, + + - Paths used are + get /api/v1/certs/certificate-signing-request/export/{hostname}/{id}, + +""" + +EXAMPLES = r""" +- name: Get CSR Export by id + cisco.ise.csr_export_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "data": "filecontent", + "filename": "filename", + "dirpath": "download/directory", + "path": "download/directory/filename" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/csr_generate.py b/ansible_collections/cisco/ise/plugins/modules/csr_generate.py new file mode 100644 index 00000000..3116b380 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/csr_generate.py @@ -0,0 +1,147 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: csr_generate +short_description: Resource module for CSR Generate +description: +- Manage operation create of the resource CSR Generate. +- Generate a certificate signing request for Multi-Use, Admin, EAP. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowWildCardCert: + description: AllowWildCardCert flag. + type: bool + certificatePolicies: + description: CSR Generate's certificatePolicies. + type: str + digestType: + description: CSR Generate's digestType. + type: str + hostnames: + description: CSR Generate's hostnames. + elements: str + type: list + keyLength: + description: CSR Generate's keyLength. + type: str + keyType: + description: CSR Generate's keyType. + type: str + portalGroupTag: + description: CSR Generate's portalGroupTag. + type: str + sanDNS: + description: CSR Generate's sanDNS. + elements: str + type: list + sanDir: + description: CSR Generate's sanDir. + elements: str + type: list + sanIP: + description: CSR Generate's sanIP. + elements: str + type: list + sanURI: + description: CSR Generate's sanURI. + elements: str + type: list + subjectCity: + description: CSR Generate's subjectCity. + type: str + subjectCommonName: + description: CSR Generate's subjectCommonName. + type: str + subjectCountry: + description: CSR Generate's subjectCountry. + type: str + subjectOrg: + description: CSR Generate's subjectOrg. + type: str + subjectOrgUnit: + description: CSR Generate's subjectOrgUnit. + type: str + subjectState: + description: CSR Generate's subjectState. + type: str + usedFor: + description: CSR Generate's usedFor. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.generate_csr, + + - Paths used are + post /api/v1/certs/certificate-signing-request, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.csr_generate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + allowWildCardCert: true + certificatePolicies: string + digestType: string + hostnames: + - string + keyLength: string + keyType: string + portalGroupTag: string + sanDNS: + - string + sanDir: + - string + sanIP: + - string + sanURI: + - string + subjectCity: string + subjectCommonName: string + subjectCountry: string + subjectOrg: string + subjectOrgUnit: string + subjectState: string + usedFor: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": [ + { + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "message": "string" + } + ], + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/csr_generate_intermediate_ca.py b/ansible_collections/cisco/ise/plugins/modules/csr_generate_intermediate_ca.py new file mode 100644 index 00000000..f7eaaf20 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/csr_generate_intermediate_ca.py @@ -0,0 +1,63 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: csr_generate_intermediate_ca +short_description: Resource module for CSR Generate Intermediate CA +description: +- Manage operation create of the resource CSR Generate Intermediate CA. +- CSR Generation for Intermediate Certificates. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.generate_intermediate_ca_csr, + + - Paths used are + post /api/v1/certs/certificate-signing-request/intermediate-ca, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.csr_generate_intermediate_ca: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/csr_info.py b/ansible_collections/cisco/ise/plugins/modules/csr_info.py new file mode 100644 index 00000000..6dee74b1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/csr_info.py @@ -0,0 +1,166 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: csr_info +short_description: Information module for CSR +description: +- Get all CSR. +- Get CSR by id. +- This API displays details of a Certificate Signing Request of a particular node for given HostName and ID. +- This API supports Filtering, Sorting and Pagination. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + hostName: + description: + - HostName path parameter. Name of the host of which CSR's should be returned. + type: str + id: + description: + - Id path parameter. ID of the Certificate Signing Request returned. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.get_csr_by_id, + certificates.Certificates.get_csrs_generator, + + - Paths used are + get /api/v1/certs/certificate-signing-request, + get /api/v1/certs/certificate-signing-request/{hostName}/{id}, + +""" + +EXAMPLES = r""" +- name: Get all CSR + cisco.ise.csr_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + register: result + +- name: Get CSR by id + cisco.ise.csr_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostName: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "csrContents": "string", + "friendlyName": "string", + "groupTag": "string", + "hostName": "string", + "id": "string", + "keySize": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "signatureAlgorithm": "string", + "subject": "string", + "timeStamp": "string", + "usedFor": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "csrContents": "string", + "friendlyName": "string", + "groupTag": "string", + "hostName": "string", + "id": "string", + "keySize": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "signatureAlgorithm": "string", + "subject": "string", + "timeStamp": "string", + "usedFor": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/deployment_info.py b/ansible_collections/cisco/ise/plugins/modules/deployment_info.py new file mode 100644 index 00000000..bc2f7074 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/deployment_info.py @@ -0,0 +1,183 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: deployment_info +short_description: Information module for Deployment +description: +- Get all Deployment. +- This API allows the client to pull the deployment information. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + timeout: + description: + - How long to wait for the server to send data before giving up. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for PullDeploymentInfo + description: Complete reference of the PullDeploymentInfo API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deploymentinfo +notes: + - SDK Method used are + pull_deployment_info.PullDeploymentInfo.get_deployment_info, + + - Paths used are + get /ers/config/deploymentinfo/getAllInfo, + +""" + +EXAMPLES = r""" +- name: Get all Deployment + cisco.ise.deployment_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "networkAccessInfo": { + "deploymentID": "string", + "isCsnEnabled": true, + "nodeList": { + "nodeAndScope": [ + {} + ] + }, + "sdaVNs": [], + "trustSecControl": "string", + "radius3RdParty": [] + }, + "profilerInfo": { + "deploymentID": "string", + "nodeList": { + "node": [ + { + "onlineSubscriptionEnabled": true, + "lastAppliedFeedDateTime": "string", + "scope": "string", + "profiles": [ + { + "profile": [], + "customProfilesCount": 0, + "endpointTypes": "string", + "totalProfilesCount": 0, + "uniqueEndpointsCount": 0, + "unknownEndpointsCount": 0, + "totalEndpointsCount": 0, + "unknownEndpointsPercentage": 0 + } + ] + } + ] + } + }, + "deploymentInfo": { + "deploymentID": "string", + "versionHistoryInfo": [ + { + "opType": "string", + "mainVersion": "string", + "epochTime": 0 + } + ], + "nodeList": { + "nodeAndNodeCountAndCountInfo": [ + { + "name": "string", + "value": {}, + "declaredType": "string", + "scope": "string", + "nil": true, + "globalScope": true, + "typeSubstituted": true + } + ] + }, + "fipsstatus": "string" + }, + "nadInfo": { + "nodeList": { + "nodeAndScope": [ + {} + ] + }, + "nadcountInfo": { + "totalActiveNADCount": 0 + } + }, + "mdmInfo": { + "activeMdmServersCount": "string", + "activeDesktopMdmServersCount": "string", + "activeMobileMdmServersCount": "string", + "deploymentID": "string", + "nodeList": { + "nodeAndScope": [ + {} + ] + } + }, + "licensesInfo": { + "deploymentID": "string", + "nodeList": { + "node": [ + {} + ] + } + }, + "postureInfo": { + "content": [ + { + "name": "string", + "value": {}, + "declaredType": "string", + "scope": "string", + "nil": true, + "globalScope": true, + "typeSubstituted": true + } + ] + }, + "kongInfo": { + "deploymentID": "string", + "nodeList": { + "node": [ + { + "sn": "string", + "service": [ + { + "serviceName": "string", + "route": [ + { + "routeName": "string", + "httpCount": {}, + "latencyCount": {}, + "latencySum": {} + } + ] + } + ] + } + ] + } + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_reset_hitcount.py new file mode 100644 index 00000000..a238380a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_reset_hitcount.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_authentication_reset_hitcount +short_description: Resource module for Device Administration Authentication Reset Hitcount +description: +- Manage operation create of the resource Device Administration Authentication Reset Hitcount. +- Device Admin - Reset HitCount for Authentication Rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + policyId: + description: PolicyId path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authentication Rules + description: Complete reference of the Device Administration - Authentication Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authentication_rules.DeviceAdministrationAuthenticationRules.reset_hit_counts_device_admin_authentication_rules, + + - Paths used are + post /device-admin/policy-set/{policyId}/authentication/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_authentication_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules.py new file mode 100644 index 00000000..29c2db6d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules.py @@ -0,0 +1,535 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_authentication_rules +short_description: Resource module for Device Administration Authentication Rules +description: +- Manage operations create, update and delete of the resource Device Administration Authentication Rules. +- Device Admin - Create authentication rule. +- Device Admin - Delete rule. +- Device Admin - - Update rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. Rule id. + type: str + identitySourceName: + description: Identity source name from the identity stores. + type: str + ifAuthFail: + description: Action to perform when authentication fails such as Bad credentials, + disabled user and so on. + type: str + ifProcessFail: + description: Action to perform when ISE is uanble to access the identity database. + type: str + ifUserNotFound: + description: Action to perform when user is not found in any of identity stores. + type: str + link: + description: Device Administration Authentication Rules's link. + suboptions: + href: + description: Device Administration Authentication Rules's href. + type: str + rel: + description: Device Administration Authentication Rules's rel. + type: str + type: + description: Device Administration Authentication Rules's type. + type: str + type: dict + policyId: + description: PolicyId path parameter. Policy id. + type: str + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Device Administration Authentication Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is + specified in dictionary object</li> <li>if multiple values allowed is + specified in dictionary object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Authentication Rules's link. + suboptions: + href: + description: Device Administration Authentication Rules's href. + type: str + rel: + description: Device Administration Authentication Rules's rel. + type: str + type: + description: Device Administration Authentication Rules's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Device Administration Authentication Rules's endDate. + type: str + startDate: + description: Device Administration Authentication Rules's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Device Administration Authentication Rules's endDate. + type: str + startDate: + description: Device Administration Authentication Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Device Administration Authentication Rules's endTime. + type: str + startTime: + description: Device Administration Authentication Rules's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Device Administration Authentication Rules's endTime. + type: str + startTime: + description: Device Administration Authentication Rules's startTime. + type: str + type: dict + id: + description: Device Administration Authentication Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Authentication Rules's link. + suboptions: + href: + description: Device Administration Authentication Rules's href. + type: str + rel: + description: Device Administration Authentication Rules's rel. + type: str + type: + description: Device Administration Authentication Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> + Days format - Arrays of WeekDay enums <br> Default - List of All week + days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> + Days format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authentication Rules + description: Complete reference of the Device Administration - Authentication Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authentication_rules.DeviceAdministrationAuthenticationRules.create_device_admin_authentication_rule, + device_administration_authentication_rules.DeviceAdministrationAuthenticationRules.delete_device_admin_authentication_rule_by_id, + device_administration_authentication_rules.DeviceAdministrationAuthenticationRules.update_device_admin_authentication_rule_by_id, + + - Paths used are + post /device-admin/policy-set/{policyId}/authentication, + delete /device-admin/policy-set/{policyId}/authentication/{id}, + put /device-admin/policy-set/{policyId}/authentication/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_authentication_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + identitySourceName: string + ifAuthFail: string + ifProcessFail: string + ifUserNotFound: string + link: + href: string + rel: string + type: string + policyId: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Update by id + cisco.ise.device_administration_authentication_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + identitySourceName: string + ifAuthFail: string + ifProcessFail: string + ifUserNotFound: string + link: + href: string + rel: string + type: string + policyId: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Delete by id + cisco.ise.device_administration_authentication_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "identitySourceName": "string", + "ifAuthFail": "string", + "ifProcessFail": "string", + "ifUserNotFound": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "identitySourceName": "string", + "ifAuthFail": "string", + "ifProcessFail": "string", + "ifUserNotFound": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules_info.py new file mode 100644 index 00000000..3e0dfce6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_authentication_rules_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_authentication_rules_info +short_description: Information module for Device Administration Authentication Rules +description: +- Get all Device Administration Authentication Rules. +- Get Device Administration Authentication Rules by id. +- Device Admin - Get authentication rules. +- Device Admin - Get rule attributes. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + policyId: + description: + - PolicyId path parameter. Policy id. + type: str + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authentication Rules + description: Complete reference of the Device Administration - Authentication Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authentication_rules.DeviceAdministrationAuthenticationRules.get_device_admin_authentication_rule_by_id, + device_administration_authentication_rules.DeviceAdministrationAuthenticationRules.get_device_admin_authentication_rules, + + - Paths used are + get /device-admin/policy-set/{policyId}/authentication, + get /device-admin/policy-set/{policyId}/authentication/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Authentication Rules + cisco.ise.device_administration_authentication_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + register: result + +- name: Get Device Administration Authentication Rules by id + cisco.ise.device_administration_authentication_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "identitySourceName": "string", + "ifAuthFail": "string", + "ifProcessFail": "string", + "ifUserNotFound": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_reset_hitcount.py new file mode 100644 index 00000000..a34b3aec --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_reset_hitcount.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_authorization_reset_hitcount +short_description: Resource module for Device Administration Authorization Reset Hitcount +description: +- Manage operation create of the resource Device Administration Authorization Reset Hitcount. +- Device Admin - Reset HitCount for Authorization Rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + policyId: + description: PolicyId path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Rules + description: Complete reference of the Device Administration - Authorization Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_rules.DeviceAdministrationAuthorizationRules.reset_hit_counts_device_admin_authorization_rules, + + - Paths used are + post /device-admin/policy-set/{policyId}/authorization/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_authorization_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules.py new file mode 100644 index 00000000..1e5058c6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules.py @@ -0,0 +1,529 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_authorization_rules +short_description: Resource module for Device Administration Authorization Rules +description: +- Manage operations create, update and delete of the resource Device Administration Authorization Rules. +- Device Admin - Create authorization rule. +- Device Admin - Delete authorization rule. +- Device Admin - Update authorization rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + commands: + description: Command sets enforce the specified list of commands that can be executed + by a device administrator. + elements: str + type: list + id: + description: Id path parameter. Rule id. + type: str + link: + description: Device Administration Authorization Rules's link. + suboptions: + href: + description: Device Administration Authorization Rules's href. + type: str + rel: + description: Device Administration Authorization Rules's rel. + type: str + type: + description: Device Administration Authorization Rules's type. + type: str + type: dict + policyId: + description: PolicyId path parameter. Policy id. + type: str + profile: + description: Device admin profiles control the initial login session of the device + administrator. + type: str + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Device Administration Authorization Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is + specified in dictionary object</li> <li>if multiple values allowed is + specified in dictionary object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Authorization Rules's link. + suboptions: + href: + description: Device Administration Authorization Rules's href. + type: str + rel: + description: Device Administration Authorization Rules's rel. + type: str + type: + description: Device Administration Authorization Rules's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Device Administration Authorization Rules's endDate. + type: str + startDate: + description: Device Administration Authorization Rules's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Device Administration Authorization Rules's endDate. + type: str + startDate: + description: Device Administration Authorization Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Device Administration Authorization Rules's endTime. + type: str + startTime: + description: Device Administration Authorization Rules's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Device Administration Authorization Rules's endTime. + type: str + startTime: + description: Device Administration Authorization Rules's startTime. + type: str + type: dict + id: + description: Device Administration Authorization Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Authorization Rules's link. + suboptions: + href: + description: Device Administration Authorization Rules's href. + type: str + rel: + description: Device Administration Authorization Rules's rel. + type: str + type: + description: Device Administration Authorization Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> + Days format - Arrays of WeekDay enums <br> Default - List of All week + days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> + Days format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Rules + description: Complete reference of the Device Administration - Authorization Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_rules.DeviceAdministrationAuthorizationRules.create_device_admin_authorization_rule, + device_administration_authorization_rules.DeviceAdministrationAuthorizationRules.delete_device_admin_authorization_rule_by_id, + device_administration_authorization_rules.DeviceAdministrationAuthorizationRules.update_device_admin_authorization_rule_by_id, + + - Paths used are + post /device-admin/policy-set/{policyId}/authorization, + delete /device-admin/policy-set/{policyId}/authorization/{id}, + put /device-admin/policy-set/{policyId}/authorization/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_authorization_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + - string + link: + href: string + rel: string + type: string + policyId: string + profile: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Update by id + cisco.ise.device_administration_authorization_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + - string + id: string + link: + href: string + rel: string + type: string + policyId: string + profile: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Delete by id + cisco.ise.device_administration_authorization_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules_info.py new file mode 100644 index 00000000..8c5f6de1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_authorization_rules_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_authorization_rules_info +short_description: Information module for Device Administration Authorization Rules +description: +- Get all Device Administration Authorization Rules. +- Get Device Administration Authorization Rules by id. +- Device Admin - Get authorization rule attributes. +- Device Admin - Get authorization rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + policyId: + description: + - PolicyId path parameter. Policy id. + type: str + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Rules + description: Complete reference of the Device Administration - Authorization Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_rules.DeviceAdministrationAuthorizationRules.get_device_admin_authorization_rule_by_id, + device_administration_authorization_rules.DeviceAdministrationAuthorizationRules.get_device_admin_authorization_rules, + + - Paths used are + get /device-admin/policy-set/{policyId}/authorization, + get /device-admin/policy-set/{policyId}/authorization/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Authorization Rules + cisco.ise.device_administration_authorization_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + register: result + +- name: Get Device Administration Authorization Rules by id + cisco.ise.device_administration_authorization_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_command_set_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_command_set_info.py new file mode 100644 index 00000000..23aa5817 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_command_set_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_command_set_info +short_description: Information module for Device Administration Command Set +description: +- Get all Device Administration Command Set. +- Device Admin - Return list of command sets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Command Set + description: Complete reference of the Device Administration - Command Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_command_set.DeviceAdministrationCommandSet.get_device_admin_command_sets, + + - Paths used are + get /device-admin/command-sets, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Command Set + cisco.ise.device_administration_command_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions.py new file mode 100644 index 00000000..9db7c229 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions.py @@ -0,0 +1,457 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_conditions +short_description: Resource module for Device Administration Conditions +description: +- Manage operations create, update and delete of the resource Device Administration Conditions. +- Device Admin - Creates a library condition. +- Device Admin - Delete a library condition. +- NDevice Admin - Delete a library condition using condition Name. +- Device Admin - Update library condition using condition name. +- Device Admin - Update library condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is specified + in dictionary object</li> <li>if multiple values allowed is specified in dictionary + object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will be aggregated + under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain condition + data but not both</li> <li>Logical aggreation(and,or) enum indicates that + additional conditions are present under the children field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Conditions's link. + suboptions: + href: + description: Device Administration Conditions's href. + type: str + rel: + description: Device Administration Conditions's rel. + type: str + type: + description: Device Administration Conditions's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) indicates + than "conditonId" OR "ConditionAttrs" fields should contain condition data but + not both</li> <li>Logical aggreation(and,or) enum indicates that additional conditions + are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used for + start/end date <br> Default - no specific dates<br> In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)</p>. + suboptions: + endDate: + description: Device Administration Conditions's endDate. + type: str + startDate: + description: Device Administration Conditions's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used for + start/end date <br> Default - no specific dates<br> In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)</p>. + suboptions: + endDate: + description: Device Administration Conditions's endDate. + type: str + startDate: + description: Device Administration Conditions's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be matched<br> + Time format - hh mm ( h = hour , mm = minutes ) <br> Default - All Day </p>. + suboptions: + endTime: + description: Device Administration Conditions's endTime. + type: str + startTime: + description: Device Administration Conditions's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be matched<br> + Time format - hh mm ( h = hour , mm = minutes ) <br> Default - All Day </p>. + suboptions: + endTime: + description: Device Administration Conditions's endTime. + type: str + startTime: + description: Device Administration Conditions's startTime. + type: str + type: dict + id: + description: Device Administration Conditions's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Conditions's link. + suboptions: + href: + description: Device Administration Conditions's href. + type: str + rel: + description: Device Administration Conditions's rel. + type: str + type: + description: Device Administration Conditions's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> Days format + - Arrays of WeekDay enums <br> Default - List of All week days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> Days + format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Conditions + description: Complete reference of the Device Administration - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_conditions.DeviceAdministrationConditions.create_device_admin_condition, + device_administration_conditions.DeviceAdministrationConditions.delete_device_admin_condition_by_id, + device_administration_conditions.DeviceAdministrationConditions.delete_device_admin_condition_by_name, + device_administration_conditions.DeviceAdministrationConditions.update_device_admin_condition_by_id, + device_administration_conditions.DeviceAdministrationConditions.update_device_admin_condition_by_name, + + - Paths used are + post /device-admin/condition, + delete /device-admin/condition/condition-by-name/{name}, + delete /device-admin/condition/{id}, + put /device-admin/condition/condition-by-name/{name}, + put /device-admin/condition/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Update by name + cisco.ise.device_administration_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Delete by name + cisco.ise.device_administration_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +- name: Update by id + cisco.ise.device_administration_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Delete by id + cisco.ise.device_administration_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authentication_rule_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authentication_rule_info.py new file mode 100644 index 00000000..073e3b88 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authentication_rule_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_conditions_for_authentication_rule_info +short_description: Information module for Device Administration Conditions For Authentication Rule +description: +- Get all Device Administration Conditions For Authentication Rule. +- Device Admin - Returns list of library conditions for authentication rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Conditions + description: Complete reference of the Device Administration - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_conditions.DeviceAdministrationConditions.get_device_admin_conditions_for_authentication_rules, + + - Paths used are + get /device-admin/condition/authentication, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Conditions For Authentication Rule + cisco.ise.device_administration_conditions_for_authentication_rule_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authorization_rule_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authorization_rule_info.py new file mode 100644 index 00000000..e2db5781 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_authorization_rule_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_conditions_for_authorization_rule_info +short_description: Information module for Device Administration Conditions For Authorization Rule +description: +- Get all Device Administration Conditions For Authorization Rule. +- Device Admin - Returns list of library conditions for authorization rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Conditions + description: Complete reference of the Device Administration - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_conditions.DeviceAdministrationConditions.get_device_admin_conditions_for_authorization_rules, + + - Paths used are + get /device-admin/condition/authorization, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Conditions For Authorization Rule + cisco.ise.device_administration_conditions_for_authorization_rule_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_policy_set_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_policy_set_info.py new file mode 100644 index 00000000..c5add18b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_for_policy_set_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_conditions_for_policy_set_info +short_description: Information module for Device Administration Conditions For Policy Set +description: +- Get all Device Administration Conditions For Policy Set. +- Device Admin - Returns list of library conditions for policy sets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Conditions + description: Complete reference of the Device Administration - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_conditions.DeviceAdministrationConditions.get_device_admin_conditions_for_policy_sets, + + - Paths used are + get /device-admin/condition/policyset, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Conditions For Policy Set + cisco.ise.device_administration_conditions_for_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_info.py new file mode 100644 index 00000000..90657433 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_conditions_info.py @@ -0,0 +1,136 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_conditions_info +short_description: Information module for Device Administration Conditions +description: +- Get all Device Administration Conditions. +- Get Device Administration Conditions by id. +- Get Device Administration Conditions by name. +- Device Admin - Returns a library condition. +- Device Admin - Returns a library condition. +- Device Admin - Returns list of library conditions. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. Condition name. + type: str + id: + description: + - Id path parameter. Condition id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Conditions + description: Complete reference of the Device Administration - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_conditions.DeviceAdministrationConditions.get_device_admin_condition_by_id, + device_administration_conditions.DeviceAdministrationConditions.get_device_admin_condition_by_name, + device_administration_conditions.DeviceAdministrationConditions.get_device_admin_conditions, + + - Paths used are + get /device-admin/condition, + get /device-admin/condition/condition-by-name/{name}, + get /device-admin/condition/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Conditions + cisco.ise.device_administration_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Device Administration Conditions by id + cisco.ise.device_administration_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Device Administration Conditions by name + cisco.ise.device_administration_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authentication_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authentication_info.py new file mode 100644 index 00000000..c603181b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authentication_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_dictionary_attributes_authentication_info +short_description: Information module for Device Administration Dictionary Attributes Authentication +description: +- Get all Device Administration Dictionary Attributes Authentication. +- Network Access - Returns list of dictionary attributes for authentication. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Dictionary Attributes List + description: Complete reference of the Device Administration - Dictionary Attributes List API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_dictionary_attributes_list.DeviceAdministrationDictionaryAttributesList.get_device_admin_dictionaries_authentication, + + - Paths used are + get /device-admin/dictionaries/authentication, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Dictionary Attributes Authentication + cisco.ise.device_administration_dictionary_attributes_authentication_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authorization_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authorization_info.py new file mode 100644 index 00000000..f1685f1a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_authorization_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_dictionary_attributes_authorization_info +short_description: Information module for Device Administration Dictionary Attributes Authorization +description: +- Get all Device Administration Dictionary Attributes Authorization. +- Network Access - Returns list of dictionary attributes for authorization. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Dictionary Attributes List + description: Complete reference of the Device Administration - Dictionary Attributes List API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_dictionary_attributes_list.DeviceAdministrationDictionaryAttributesList.get_device_admin_dictionaries_authorization, + + - Paths used are + get /device-admin/dictionaries/authorization, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Dictionary Attributes Authorization + cisco.ise.device_administration_dictionary_attributes_authorization_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_policy_set_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_policy_set_info.py new file mode 100644 index 00000000..74afbb5d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_dictionary_attributes_policy_set_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_dictionary_attributes_policy_set_info +short_description: Information module for Device Administration Dictionary Attributes Policy Set +description: +- Get all Device Administration Dictionary Attributes Policy Set. +- Network Access - Returns list of dictionary attributes for policyset. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Dictionary Attributes List + description: Complete reference of the Device Administration - Dictionary Attributes List API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_dictionary_attributes_list.DeviceAdministrationDictionaryAttributesList.get_device_admin_dictionaries_policy_set, + + - Paths used are + get /device-admin/dictionaries/policyset, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Dictionary Attributes Policy Set + cisco.ise.device_administration_dictionary_attributes_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules.py new file mode 100644 index 00000000..6bdd2efe --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules.py @@ -0,0 +1,523 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_global_exception_rules +short_description: Resource module for Device Administration Global Exception Rules +description: +- Manage operations create, update and delete of the resource Device Administration Global Exception Rules. +- Device Admin - Create global exception authorization rule. +- Device Admin - Delete global exception authorization rule. +- Device Admin - Update global exception authorization rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + commands: + description: Command sets enforce the specified list of commands that can be executed + by a device administrator. + elements: str + type: list + id: + description: Id path parameter. Rule id. + type: str + link: + description: Device Administration Global Exception Rules's link. + suboptions: + href: + description: Device Administration Global Exception Rules's href. + type: str + rel: + description: Device Administration Global Exception Rules's rel. + type: str + type: + description: Device Administration Global Exception Rules's type. + type: str + type: dict + profile: + description: Device admin profiles control the initial login session of the device + administrator. + type: str + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Device Administration Global Exception Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is + specified in dictionary object</li> <li>if multiple values allowed is + specified in dictionary object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Global Exception Rules's link. + suboptions: + href: + description: Device Administration Global Exception Rules's href. + type: str + rel: + description: Device Administration Global Exception Rules's rel. + type: str + type: + description: Device Administration Global Exception Rules's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Device Administration Global Exception Rules's endDate. + type: str + startDate: + description: Device Administration Global Exception Rules's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Device Administration Global Exception Rules's endDate. + type: str + startDate: + description: Device Administration Global Exception Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Device Administration Global Exception Rules's endTime. + type: str + startTime: + description: Device Administration Global Exception Rules's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Device Administration Global Exception Rules's endTime. + type: str + startTime: + description: Device Administration Global Exception Rules's startTime. + type: str + type: dict + id: + description: Device Administration Global Exception Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Global Exception Rules's link. + suboptions: + href: + description: Device Administration Global Exception Rules's href. + type: str + rel: + description: Device Administration Global Exception Rules's rel. + type: str + type: + description: Device Administration Global Exception Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> + Days format - Arrays of WeekDay enums <br> Default - List of All week + days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> + Days format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Global Exception Rules + description: Complete reference of the Device Administration - Authorization Global Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_global_exception_rules.DeviceAdministrationAuthorizationGlobalExceptionRules.create_device_admin_policy_set_global_exception, + device_administration_authorization_global_exception_rules.DeviceAdministrationAuthorizationGlobalExceptionRules.delete_device_admin_policy_set_global_exception_by_rule_id, + device_administration_authorization_global_exception_rules.DeviceAdministrationAuthorizationGlobalExceptionRules.update_device_admin_policy_set_global_exception_by_rule_id, + + - Paths used are + post /device-admin/policy-set/global-exception, + delete /device-admin/policy-set/global-exception/{id}, + put /device-admin/policy-set/global-exception/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_global_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + - string + link: + href: string + rel: string + type: string + profile: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Update by id + cisco.ise.device_administration_global_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + - string + id: string + link: + href: string + rel: string + type: string + profile: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Delete by id + cisco.ise.device_administration_global_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_info.py new file mode 100644 index 00000000..27f969f6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_info.py @@ -0,0 +1,138 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_global_exception_rules_info +short_description: Information module for Device Administration Global Exception Rules +description: +- Get all Device Administration Global Exception Rules. +- Get Device Administration Global Exception Rules by id. +- Device Admin - Get global exception rule attribute. +- Device Admin - Get global execption rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Global Exception Rules + description: Complete reference of the Device Administration - Authorization Global Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_global_exception_rules.DeviceAdministrationAuthorizationGlobalExceptionRules.get_device_admin_policy_set_global_exception_by_rule_id, + device_administration_authorization_global_exception_rules.DeviceAdministrationAuthorizationGlobalExceptionRules.get_device_admin_policy_set_global_exception_rules, + + - Paths used are + get /device-admin/policy-set/global-exception, + get /device-admin/policy-set/global-exception/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Global Exception Rules + cisco.ise.device_administration_global_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Device Administration Global Exception Rules by id + cisco.ise.device_administration_global_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_reset_hitcount.py new file mode 100644 index 00000000..7a7e1a82 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_global_exception_rules_reset_hitcount.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_global_exception_rules_reset_hitcount +short_description: Resource module for Device Administration Global Exception Rules Reset Hitcount +description: +- Manage operation create of the resource Device Administration Global Exception Rules Reset Hitcount. +- Device Admin - Reset HitCount for Global Exceptions. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Global Exception Rules + description: Complete reference of the Device Administration - Authorization Global Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_global_exception_rules.DeviceAdministrationAuthorizationGlobalExceptionRules.reset_hit_counts_device_admin_global_exceptions, + + - Paths used are + post /device-admin/policy-set/global-exception/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_global_exception_rules_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_identity_stores_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_identity_stores_info.py new file mode 100644 index 00000000..a0556f72 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_identity_stores_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_identity_stores_info +short_description: Information module for Device Administration Identity Stores +description: +- Get all Device Administration Identity Stores. +- Device Admin - Return list of identity stores for authentication. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Identity Stores + description: Complete reference of the Device Administration - Identity Stores API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_identity_stores.DeviceAdministrationIdentityStores.get_device_admin_identity_stores, + + - Paths used are + get /device-admin/identity-stores, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Identity Stores + cisco.ise.device_administration_identity_stores_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules.py new file mode 100644 index 00000000..92fe6d8d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules.py @@ -0,0 +1,529 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_local_exception_rules +short_description: Resource module for Device Administration Local Exception Rules +description: +- Manage operations create, update and delete of the resource Device Administration Local Exception Rules. +- Device Admin - Create local authorization exception rule. +- Device Admin - Delete local exception rule. +- Device Admin - Update local exception rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + commands: + description: Command sets enforce the specified list of commands that can be executed + by a device administrator. + elements: str + type: list + id: + description: Id path parameter. Rule id. + type: str + link: + description: Device Administration Local Exception Rules's link. + suboptions: + href: + description: Device Administration Local Exception Rules's href. + type: str + rel: + description: Device Administration Local Exception Rules's rel. + type: str + type: + description: Device Administration Local Exception Rules's type. + type: str + type: dict + policyId: + description: PolicyId path parameter. Policy id. + type: str + profile: + description: Device admin profiles control the initial login session of the device + administrator. + type: str + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Device Administration Local Exception Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is + specified in dictionary object</li> <li>if multiple values allowed is + specified in dictionary object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Local Exception Rules's link. + suboptions: + href: + description: Device Administration Local Exception Rules's href. + type: str + rel: + description: Device Administration Local Exception Rules's rel. + type: str + type: + description: Device Administration Local Exception Rules's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Device Administration Local Exception Rules's endDate. + type: str + startDate: + description: Device Administration Local Exception Rules's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Device Administration Local Exception Rules's endDate. + type: str + startDate: + description: Device Administration Local Exception Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Device Administration Local Exception Rules's endTime. + type: str + startTime: + description: Device Administration Local Exception Rules's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Device Administration Local Exception Rules's endTime. + type: str + startTime: + description: Device Administration Local Exception Rules's startTime. + type: str + type: dict + id: + description: Device Administration Local Exception Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Local Exception Rules's link. + suboptions: + href: + description: Device Administration Local Exception Rules's href. + type: str + rel: + description: Device Administration Local Exception Rules's rel. + type: str + type: + description: Device Administration Local Exception Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> + Days format - Arrays of WeekDay enums <br> Default - List of All week + days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> + Days format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Exception Rules + description: Complete reference of the Device Administration - Authorization Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_exception_rules.DeviceAdministrationAuthorizationExceptionRules.create_device_admin_local_exception_rule, + device_administration_authorization_exception_rules.DeviceAdministrationAuthorizationExceptionRules.delete_device_admin_local_exception_rule_by_id, + device_administration_authorization_exception_rules.DeviceAdministrationAuthorizationExceptionRules.update_device_admin_local_exception_rule_by_id, + + - Paths used are + post /device-admin/policy-set/{policyId}/exception, + delete /device-admin/policy-set/{policyId}/exception/{id}, + put /device-admin/policy-set/{policyId}/exception/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_local_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + - string + link: + href: string + rel: string + type: string + policyId: string + profile: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Update by id + cisco.ise.device_administration_local_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + - string + id: string + link: + href: string + rel: string + type: string + policyId: string + profile: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Delete by id + cisco.ise.device_administration_local_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_info.py new file mode 100644 index 00000000..cb1cd914 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_local_exception_rules_info +short_description: Information module for Device Administration Local Exception Rules +description: +- Get all Device Administration Local Exception Rules. +- Get Device Administration Local Exception Rules by id. +- Device Admin - Get local exception rule attributes. +- Device Admin - Get local exception rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + policyId: + description: + - PolicyId path parameter. Policy id. + type: str + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Exception Rules + description: Complete reference of the Device Administration - Authorization Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_exception_rules.DeviceAdministrationAuthorizationExceptionRules.get_device_admin_local_exception_rule_by_id, + device_administration_authorization_exception_rules.DeviceAdministrationAuthorizationExceptionRules.get_device_admin_local_exception_rules, + + - Paths used are + get /device-admin/policy-set/{policyId}/exception, + get /device-admin/policy-set/{policyId}/exception/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Local Exception Rules + cisco.ise.device_administration_local_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + register: result + +- name: Get Device Administration Local Exception Rules by id + cisco.ise.device_administration_local_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "commands": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": "string", + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_reset_hitcount.py new file mode 100644 index 00000000..8211eb18 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_local_exception_rules_reset_hitcount.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_local_exception_rules_reset_hitcount +short_description: Resource module for Device Administration Local Exception Rules Reset Hitcount +description: +- Manage operation create of the resource Device Administration Local Exception Rules Reset Hitcount. +- Device Admin - Reset HitCount for local exceptions. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + policyId: + description: PolicyId path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Authorization Exception Rules + description: Complete reference of the Device Administration - Authorization Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_authorization_exception_rules.DeviceAdministrationAuthorizationExceptionRules.reset_hit_counts_device_admin_local_exceptions, + + - Paths used are + post /device-admin/policy-set/{policyId}/exception/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_local_exception_rules_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions.py new file mode 100644 index 00000000..30ade1ac --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions.py @@ -0,0 +1,302 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_network_conditions +short_description: Resource module for Device Administration Network Conditions +description: +- Manage operations create, update and delete of the resource Device Administration Network Conditions. +- Device Admin- Creates network condition. +- Device Admin - Delete network condition. +- Device Admin - Update network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + conditionType: + description: This field determines the content of the conditions field. + type: str + conditions: + description: Device Administration Network Conditions's conditions. + elements: dict + suboptions: + cliDnisList: + description: <p>This field should contain a Caller ID (CLI), comma, and Called + ID (DNIS).<br> Line format - Caller ID (CLI), Called ID (DNIS)</p>. + elements: str + type: list + conditionType: + description: This field determines the content of the conditions field. + type: str + description: + description: Device Administration Network Conditions's description. + type: str + deviceGroupList: + description: <p>This field should contain a tuple with NDG Root, comma, and + an NDG (that it under the root).<br> Line format - NDG Root Name, NDG, Port</p>. + elements: str + type: list + deviceList: + description: <p>This field should contain Device-Name,port-number. The device + name must be the same as the name field in a Network Device object.<br> Line + format - Device Name,Port</p>. + elements: str + type: list + id: + description: Device Administration Network Conditions's id. + type: str + ipAddrList: + description: <p>This field should contain IP-address-or-subnet,port number<br> + IP address can be IPV4 format (n.n.n.n) or IPV6 format (n n n n n n n n).<br> + IP subnet can be IPV4 format (n.n.n.n/m) or IPV6 format (n n n n n n n n/m).<br> + Line format - IP Address or subnet,Port</p>. + elements: str + type: list + link: + description: Device Administration Network Conditions's link. + suboptions: + href: + description: Device Administration Network Conditions's href. + type: str + rel: + description: Device Administration Network Conditions's rel. + type: str + type: + description: Device Administration Network Conditions's type. + type: str + type: dict + macAddrList: + description: <p>This field should contain Endstation MAC address, comma, and + Destination MAC addresses.<br> Each Max address must include twelve hexadecimal + digits using formats nn nn nn nn nn nn or nn-nn-nn-nn-nn-nn or nnnn.nnnn.nnnn + or nnnnnnnnnnnn.<br> Line format - Endstation MAC,Destination MAC </p>. + elements: str + type: list + name: + description: Network Condition name. + type: str + type: list + description: + description: Device Administration Network Conditions's description. + type: str + id: + description: Device Administration Network Conditions's id. + type: str + link: + description: Device Administration Network Conditions's link. + suboptions: + href: + description: Device Administration Network Conditions's href. + type: str + rel: + description: Device Administration Network Conditions's rel. + type: str + type: + description: Device Administration Network Conditions's type. + type: str + type: dict + name: + description: Network Condition name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Network Conditions + description: Complete reference of the Device Administration - Network Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_network_conditions.DeviceAdministrationNetworkConditions.create_device_admin_network_condition, + device_administration_network_conditions.DeviceAdministrationNetworkConditions.delete_device_admin_network_condition_by_id, + device_administration_network_conditions.DeviceAdministrationNetworkConditions.update_device_admin_network_condition_by_id, + + - Paths used are + post /device-admin/network-condition, + delete /device-admin/network-condition/{id}, + put /device-admin/network-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_network_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + conditionType: string + conditions: + - cliDnisList: + - string + conditionType: string + description: string + deviceGroupList: + - string + deviceList: + - string + id: string + ipAddrList: + - string + link: + href: string + rel: string + type: string + macAddrList: + - string + name: string + description: string + id: string + link: + href: string + rel: string + type: string + name: string + +- name: Update by id + cisco.ise.device_administration_network_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + conditionType: string + conditions: + - cliDnisList: + - string + conditionType: string + description: string + deviceGroupList: + - string + deviceList: + - string + id: string + ipAddrList: + - string + link: + href: string + rel: string + type: string + macAddrList: + - string + name: string + description: string + id: string + link: + href: string + rel: string + type: string + name: string + +- name: Delete by id + cisco.ise.device_administration_network_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "description": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "conditions": [ + { + "cliDnisList": [ + "string" + ], + "conditionType": "string", + "description": "string", + "id": "string", + "ipAddrList": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "macAddrList": [ + "string" + ], + "name": "string", + "deviceGroupList": [ + "string" + ], + "deviceList": [ + "string" + ] + } + ] + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "conditionType": "string", + "description": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "conditions": [ + { + "cliDnisList": [ + "string" + ], + "conditionType": "string", + "description": "string", + "id": "string", + "ipAddrList": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "macAddrList": [ + "string" + ], + "name": "string", + "deviceGroupList": [ + "string" + ], + "deviceList": [ + "string" + ] + } + ] + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions_info.py new file mode 100644 index 00000000..318e50bb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_network_conditions_info.py @@ -0,0 +1,108 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_network_conditions_info +short_description: Information module for Device Administration Network Conditions +description: +- Get all Device Administration Network Conditions. +- Get Device Administration Network Conditions by id. +- Device Admin - Returns a list of network conditions. +- Device Admin - Returns a network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Condition id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Network Conditions + description: Complete reference of the Device Administration - Network Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_network_conditions.DeviceAdministrationNetworkConditions.get_device_admin_network_condition_by_id, + device_administration_network_conditions.DeviceAdministrationNetworkConditions.get_device_admin_network_conditions, + + - Paths used are + get /device-admin/network-condition, + get /device-admin/network-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Network Conditions + cisco.ise.device_administration_network_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Device Administration Network Conditions by id + cisco.ise.device_administration_network_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "description": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "conditions": [ + { + "cliDnisList": [ + "string" + ], + "conditionType": "string", + "description": "string", + "id": "string", + "ipAddrList": [ + "string" + ], + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "macAddrList": [ + "string" + ], + "name": "string", + "deviceGroupList": [ + "string" + ], + "deviceList": [ + "string" + ] + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set.py new file mode 100644 index 00000000..b6db2058 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set.py @@ -0,0 +1,505 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_policy_set +short_description: Resource module for Device Administration Policy Set +description: +- Manage operations create, update and delete of the resource Device Administration Policy Set. +- Device Admin - Create a new policy set. +- Device Admin - Delete a policy set. +- Device Admin - Update a policy set. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + condition: + description: Device Administration Policy Set's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is specified + in dictionary object</li> <li>if multiple values allowed is specified in dictionary + object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will be + aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Policy Set's link. + suboptions: + href: + description: Device Administration Policy Set's href. + type: str + rel: + description: Device Administration Policy Set's rel. + type: str + type: + description: Device Administration Policy Set's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain condition + data but not both</li> <li>Logical aggreation(and,or) enum indicates that + additional conditions are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Device Administration Policy Set's endDate. + type: str + startDate: + description: Device Administration Policy Set's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Device Administration Policy Set's endDate. + type: str + startDate: + description: Device Administration Policy Set's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be matched<br> + Time format - hh mm ( h = hour , mm = minutes ) <br> Default - All Day </p>. + suboptions: + endTime: + description: Device Administration Policy Set's endTime. + type: str + startTime: + description: Device Administration Policy Set's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be matched<br> + Time format - hh mm ( h = hour , mm = minutes ) <br> Default - All Day </p>. + suboptions: + endTime: + description: Device Administration Policy Set's endTime. + type: str + startTime: + description: Device Administration Policy Set's startTime. + type: str + type: dict + id: + description: Device Administration Policy Set's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Policy Set's link. + suboptions: + href: + description: Device Administration Policy Set's href. + type: str + rel: + description: Device Administration Policy Set's rel. + type: str + type: + description: Device Administration Policy Set's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> Days + format - Arrays of WeekDay enums <br> Default - List of All week days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> + Days format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list + type: dict + default: + description: Flag which indicates if this policy set is the default one. + type: bool + description: + description: The description for the policy set. + type: str + hitCounts: + description: The amount of times the policy was matched. + type: int + id: + description: Identifier for the policy set. + type: str + isProxy: + description: Flag which indicates if the policy set service is of type 'Proxy Sequence' + or 'Allowed Protocols'. + type: bool + link: + description: Device Administration Policy Set's link. + suboptions: + href: + description: Device Administration Policy Set's href. + type: str + rel: + description: Device Administration Policy Set's rel. + type: str + type: + description: Device Administration Policy Set's type. + type: str + type: dict + name: + description: Given name for the policy set, Valid characters are alphanumerics, + underscore, hyphen, space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other policy set. Lower rank is higher + priority. + type: int + serviceName: + description: Policy set service identifier - Allowed Protocols,Server Sequence.. + type: str + state_: + description: The state that the policy set is in. A disabled policy set cannot be + matched. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Policy Set + description: Complete reference of the Device Administration - Policy Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_policy_set.DeviceAdministrationPolicySet.create_device_admin_policy_set, + device_administration_policy_set.DeviceAdministrationPolicySet.delete_device_admin_policy_set_by_id, + device_administration_policy_set.DeviceAdministrationPolicySet.update_device_admin_policy_set_by_id, + + - Paths used are + post /device-admin/policy-set, + delete /device-admin/policy-set/{id}, + put /device-admin/policy-set/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_policy_set: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + description: string + hitCounts: 0 + id: string + isProxy: true + link: + href: string + rel: string + type: string + name: string + rank: 0 + serviceName: string + state_: string + +- name: Update by id + cisco.ise.device_administration_policy_set: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + description: string + hitCounts: 0 + id: string + isProxy: true + link: + href: string + rel: string + type: string + name: string + rank: 0 + serviceName: string + state_: string + +- name: Delete by id + cisco.ise.device_administration_policy_set: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "description": "string", + "hitCounts": 0, + "id": "string", + "isProxy": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "rank": 0, + "serviceName": "string", + "state": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "description": "string", + "hitCounts": 0, + "id": "string", + "isProxy": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "rank": 0, + "serviceName": "string", + "state": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_info.py new file mode 100644 index 00000000..c6894900 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_info.py @@ -0,0 +1,135 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_policy_set_info +short_description: Information module for Device Administration Policy Set +description: +- Get all Device Administration Policy Set. +- Get Device Administration Policy Set by id. +- Device Admin - Get policy set attributes. +- Device Admin - List of policy sets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Policy Set + description: Complete reference of the Device Administration - Policy Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_policy_set.DeviceAdministrationPolicySet.get_device_admin_policy_set_by_id, + device_administration_policy_set.DeviceAdministrationPolicySet.get_device_admin_policy_sets, + + - Paths used are + get /device-admin/policy-set, + get /device-admin/policy-set/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Policy Set + cisco.ise.device_administration_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Device Administration Policy Set by id + cisco.ise.device_administration_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "description": "string", + "hitCounts": 0, + "id": "string", + "isProxy": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "rank": 0, + "serviceName": "string", + "state": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_reset_hitcount.py new file mode 100644 index 00000000..88893a0d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_policy_set_reset_hitcount.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_policy_set_reset_hitcount +short_description: Resource module for Device Administration Policy Set Reset Hitcount +description: +- Manage operation create of the resource Device Administration Policy Set Reset Hitcount. +- Device Admin - Reset HitCount for PolicySets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Policy Set + description: Complete reference of the Device Administration - Policy Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_policy_set.DeviceAdministrationPolicySet.reset_hit_counts_device_admin_policy_sets, + + - Paths used are + post /device-admin/policy-set/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_policy_set_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_profiles_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_profiles_info.py new file mode 100644 index 00000000..2a72e4e9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_profiles_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_profiles_info +short_description: Information module for Device Administration Profiles +description: +- Get all Device Administration Profiles. +- Device Admin - Returns list of shell profiles. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Profiles + description: Complete reference of the Device Administration - Profiles API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_profiles.DeviceAdministrationProfiles.get_device_admin_profiles, + + - Paths used are + get /device-admin/shell-profiles, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Profiles + cisco.ise.device_administration_profiles_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_service_names_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_service_names_info.py new file mode 100644 index 00000000..0cd8de91 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_service_names_info.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_service_names_info +short_description: Information module for Device Administration Service Names +description: +- Get all Device Administration Service Names. +- Returns list of Allowed Protocols and Server Sequences for Device Admin Policy. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Service Names + description: Complete reference of the Device Administration - Service Names API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_service_names.DeviceAdministrationServiceNames.get_device_admin_service_names, + + - Paths used are + get /device-admin/service-names, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Service Names + cisco.ise.device_administration_service_names_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "isLocalAuthorization": true, + "name": "string", + "serviceType": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions.py new file mode 100644 index 00000000..0e115d18 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions.py @@ -0,0 +1,299 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_time_date_conditions +short_description: Resource module for Device Administration Time Date Conditions +description: +- Manage operations create, update and delete of the resource Device Administration Time Date Conditions. +- Device Admin - Creates time/date condition. +- Device Admin - Delete Time/Date condition. +- Device Admin - Update network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is specified + in dictionary object</li> <li>if multiple values allowed is specified in dictionary + object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will be aggregated + under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain condition + data but not both</li> <li>Logical aggreation(and,or) enum indicates that + additional conditions are present under the children field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Time Date Conditions's link. + suboptions: + href: + description: Device Administration Time Date Conditions's href. + type: str + rel: + description: Device Administration Time Date Conditions's rel. + type: str + type: + description: Device Administration Time Date Conditions's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) indicates + than "conditonId" OR "ConditionAttrs" fields should contain condition data but + not both</li> <li>Logical aggreation(and,or) enum indicates that additional conditions + are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used for + start/end date <br> Default - no specific dates<br> In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)</p>. + suboptions: + endDate: + description: Device Administration Time Date Conditions's endDate. + type: str + startDate: + description: Device Administration Time Date Conditions's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used for + start/end date <br> Default - no specific dates<br> In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)</p>. + suboptions: + endDate: + description: Device Administration Time Date Conditions's endDate. + type: str + startDate: + description: Device Administration Time Date Conditions's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be matched<br> + Time format - hh mm ( h = hour , mm = minutes ) <br> Default - All Day </p>. + suboptions: + endTime: + description: Device Administration Time Date Conditions's endTime. + type: str + startTime: + description: Device Administration Time Date Conditions's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be matched<br> + Time format - hh mm ( h = hour , mm = minutes ) <br> Default - All Day </p>. + suboptions: + endTime: + description: Device Administration Time Date Conditions's endTime. + type: str + startTime: + description: Device Administration Time Date Conditions's startTime. + type: str + type: dict + id: + description: Device Administration Time Date Conditions's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Device Administration Time Date Conditions's link. + suboptions: + href: + description: Device Administration Time Date Conditions's href. + type: str + rel: + description: Device Administration Time Date Conditions's rel. + type: str + type: + description: Device Administration Time Date Conditions's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> Days format + - Arrays of WeekDay enums <br> Default - List of All week days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> Days + format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Time/Date Conditions + description: Complete reference of the Device Administration - Time/Date Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_time_date_conditions.DeviceAdministrationTimeDateConditions.create_device_admin_time_condition, + device_administration_time_date_conditions.DeviceAdministrationTimeDateConditions.delete_device_admin_time_condition_by_id, + device_administration_time_date_conditions.DeviceAdministrationTimeDateConditions.update_device_admin_time_condition_by_id, + + - Paths used are + post /device-admin/time-condition, + delete /device-admin/time-condition/{id}, + put /device-admin/time-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.device_administration_time_date_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Update by id + cisco.ise.device_administration_time_date_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Delete by id + cisco.ise.device_administration_time_date_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": {}, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions_info.py b/ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions_info.py new file mode 100644 index 00000000..55a51384 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/device_administration_time_date_conditions_info.py @@ -0,0 +1,70 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: device_administration_time_date_conditions_info +short_description: Information module for Device Administration Time Date Conditions +description: +- Get all Device Administration Time Date Conditions. +- Get Device Administration Time Date Conditions by id. +- Device Admin - Returns a list of time and date conditions. +- Device Admin - Returns a network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Condition id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Device Administration - Time/Date Conditions + description: Complete reference of the Device Administration - Time/Date Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + device_administration_time_date_conditions.DeviceAdministrationTimeDateConditions.get_device_admin_time_condition_by_id, + device_administration_time_date_conditions.DeviceAdministrationTimeDateConditions.get_device_admin_time_conditions, + + - Paths used are + get /device-admin/time-condition, + get /device-admin/time-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Device Administration Time Date Conditions + cisco.ise.device_administration_time_date_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Device Administration Time Date Conditions by id + cisco.ise.device_administration_time_date_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/downloadable_acl.py b/ansible_collections/cisco/ise/plugins/modules/downloadable_acl.py new file mode 100644 index 00000000..213fcdbd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/downloadable_acl.py @@ -0,0 +1,154 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: downloadable_acl +short_description: Resource module for Downloadable ACL +description: +- Manage operations create, update and delete of the resource Downloadable ACL. +- This API creates a downloadable ACL. +- This API deletes a downloadable ACL. +- This API allows the client to update a downloadable ACL. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + dacl: + description: The DACL Content. Use the string \\n for a newline. + type: str + daclType: + description: Allowed values - IPV4, - IPV6, - IP_AGNOSTIC. + type: str + description: + description: Use the string \\n for a newline. + type: str + id: + description: Downloadable ACL's id. + type: str + name: + description: Resource Name. Name may contain alphanumeric or any of the following + characters _.-. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + downloadable_acl.DownloadableAcl.create_downloadable_acl, + downloadable_acl.DownloadableAcl.delete_downloadable_acl_by_id, + downloadable_acl.DownloadableAcl.update_downloadable_acl_by_id, + + - Paths used are + post /ers/config/downloadableacl, + delete /ers/config/downloadableacl/{id}, + put /ers/config/downloadableacl/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.downloadable_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + dacl: string + daclType: string + description: string + id: string + name: string + +- name: Update by id with multiline ACL + cisco.ise.downloadable_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + dacl: "permit udp any eq bootpc any eq bootps\n permit tcp any host {{ise-ip}} eq www" + daclType: string + description: "this is my\n multiline\n ACL." + id: string + name: string + +- name: Delete by id + cisco.ise.downloadable_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.downloadable_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + dacl: string + daclType: string + description: string + name: string + +- name: Create with multiline ACL + cisco.ise.downloadable_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + dacl: "permit udp any eq bootpc any eq bootps\n permit tcp any host {{ise-ip}} eq www" + daclType: string + description: "this is my\n multiline\n ACL." + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "dacl": "string", + "daclType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/downloadable_acl_info.py b/ansible_collections/cisco/ise/plugins/modules/downloadable_acl_info.py new file mode 100644 index 00000000..3931cdda --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/downloadable_acl_info.py @@ -0,0 +1,109 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: downloadable_acl_info +short_description: Information module for Downloadable ACL +description: +- Get all Downloadable ACL. +- Get Downloadable ACL by id. +- This API allows the client to get a downloadable ACL by ID. +- This API allows the client to get all downloadable ACLs. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + downloadable_acl.DownloadableAcl.get_downloadable_acl_by_id, + downloadable_acl.DownloadableAcl.get_downloadable_acl_generator, + + - Paths used are + get /ers/config/downloadableacl, + get /ers/config/downloadableacl/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Downloadable ACL + cisco.ise.downloadable_acl_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Downloadable ACL by id + cisco.ise.downloadable_acl_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "dacl": "string", + "daclType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "dacl": "string", + "daclType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell.py new file mode 100644 index 00000000..ac0e06b7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell.py @@ -0,0 +1,151 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell +short_description: Resource module for Egress Matrix Cell +description: +- Manage operations create, update and delete of the resource Egress Matrix Cell. +- This API creates an egress matrix cell. +- This API deletes an egress matrix cell. +- This API allows the client to update an egress matrix cell. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + defaultRule: + description: Allowed values - NONE, - DENY_IP, - PERMIT_IP. + type: str + description: + description: Egress Matrix Cell's description. + type: str + destinationSGtId: + description: Egress Matrix Cell's destinationSGtId. + type: str + id: + description: Egress Matrix Cell's id. + type: str + matrixCellStatus: + description: Allowed values - DISABLED, - ENABLED, - MONITOR. + type: str + name: + description: Egress Matrix Cell's name. + type: str + sgacls: + description: Egress Matrix Cell's sgacls. + elements: str + type: list + sourceSGtId: + description: Egress Matrix Cell's sourceSGtId. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.create_egress_matrix_cell, + egress_matrix_cell.EgressMatrixCell.delete_egress_matrix_cell_by_id, + egress_matrix_cell.EgressMatrixCell.update_egress_matrix_cell_by_id, + + - Paths used are + post /ers/config/egressmatrixcell, + delete /ers/config/egressmatrixcell/{id}, + put /ers/config/egressmatrixcell/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.egress_matrix_cell: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + defaultRule: string + description: string + destinationSgtId: string + id: string + matrixCellStatus: string + name: string + sgacls: + - string + sourceSgtId: string + +- name: Delete by id + cisco.ise.egress_matrix_cell: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.egress_matrix_cell: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + defaultRule: string + description: string + destinationSgtId: string + matrixCellStatus: string + name: string + sgacls: + - string + sourceSgtId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "sourceSgtId": "string", + "destinationSgtId": "string", + "matrixCellStatus": "string", + "defaultRule": "string", + "sgacls": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_monitor_status_info.py new file mode 100644 index 00000000..a24a81b0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell_bulk_monitor_status_info +short_description: Information module for Egress Matrix Cell Bulk Monitor Status +description: +- Get Egress Matrix Cell Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.monitor_bulk_status_egress_matrix_cell, + + - Paths used are + get /ers/config/egressmatrixcell/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get Egress Matrix Cell Bulk Monitor Status by id + cisco.ise.egress_matrix_cell_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_request.py new file mode 100644 index 00000000..88df775e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell_bulk_request +short_description: Resource module for Egress Matrix Cell Bulk Request +description: +- Manage operation update of the resource Egress Matrix Cell Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: Egress Matrix Cell Bulk Request's operationType. + type: str + resourceMediaType: + description: Egress Matrix Cell Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.bulk_request_for_egress_matrix_cell, + + - Paths used are + put /ers/config/egressmatrixcell/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.egress_matrix_cell_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clear_all.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clear_all.py new file mode 100644 index 00000000..3e325339 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clear_all.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell_clear_all +short_description: Resource module for Egress Matrix Cell Clear All +description: +- Manage operation update of the resource Egress Matrix Cell Clear All. +- This API allows the client to clear all the egress matrix cells. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.clear_all_matrix_cells, + + - Paths used are + put /ers/config/egressmatrixcell/clearallmatrixcells, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.egress_matrix_cell_clear_all: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clone.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clone.py new file mode 100644 index 00000000..7dd4fda3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_clone.py @@ -0,0 +1,69 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell_clone +short_description: Resource module for Egress Matrix Cell Clone +description: +- Manage operation update of the resource Egress Matrix Cell Clone. +- This API allows the client to clone an egress matrix cell. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + dstSGtId: + description: DstSGtId path parameter. + type: str + id: + description: Id path parameter. + type: str + srcSGtId: + description: SrcSGtId path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.clone_matrix_cell, + + - Paths used are + put /ers/config/egressmatrixcell/clonecell/{id}/srcSgt/{srcSgtId}/dstSgt/{dstSgtId}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.egress_matrix_cell_clone: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + dstSgtId: string + id: string + srcSgtId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "OperationResult": { + "resultValue": [ + { + "value": "string", + "name": "string" + } + ] + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_info.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_info.py new file mode 100644 index 00000000..eeb4655a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_info.py @@ -0,0 +1,157 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell_info +short_description: Information module for Egress Matrix Cell +description: +- Get all Egress Matrix Cell. +- Get Egress Matrix Cell by id. +- This API allows the client to get all the egress matrix cell. +- This API allows the client to get an egress matrix cell by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.get_egress_matrix_cell_by_id, + egress_matrix_cell.EgressMatrixCell.get_egress_matrix_cell_generator, + + - Paths used are + get /ers/config/egressmatrixcell, + get /ers/config/egressmatrixcell/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Egress Matrix Cell + cisco.ise.egress_matrix_cell_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Egress Matrix Cell by id + cisco.ise.egress_matrix_cell_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "sourceSgtId": "string", + "destinationSgtId": "string", + "matrixCellStatus": "string", + "defaultRule": "string", + "sgacls": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "sourceSgtId": "string", + "destinationSgtId": "string", + "matrixCellStatus": "string", + "defaultRule": "string", + "sgacls": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_set_all_status.py b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_set_all_status.py new file mode 100644 index 00000000..1f416034 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/egress_matrix_cell_set_all_status.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: egress_matrix_cell_set_all_status +short_description: Resource module for Egress Matrix Cell Set All Status +description: +- Manage operation update of the resource Egress Matrix Cell Set All Status. +- This API allows the client to set status of all the egress matrix cells. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + status: + description: Status path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + egress_matrix_cell.EgressMatrixCell.set_all_cells_status, + + - Paths used are + put /ers/config/egressmatrixcell/status/{status}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.egress_matrix_cell_set_all_status: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + status: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint.py b/ansible_collections/cisco/ise/plugins/modules/endpoint.py new file mode 100644 index 00000000..74db5cd1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint.py @@ -0,0 +1,262 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint +short_description: Resource module for Endpoint +description: +- Manage operations create, update and delete of the resource Endpoint. +- This API creates an endpoint. +- This API deletes an endpoint. +- This API allows the client to update an endpoint. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customAttributes: + description: Endpoint's customAttributes. + suboptions: + customAttributes: + description: Key value map. + type: dict + type: dict + description: + description: Endpoint's description. + type: str + groupId: + description: Endpoint's groupId. + type: str + id: + description: Endpoint's id. + type: str + identityStore: + description: Endpoint's identityStore. + type: str + identityStoreId: + description: Endpoint's identityStoreId. + type: str + mac: + description: Endpoint's mac. + type: str + mdmAttributes: + description: Endpoint's mdmAttributes. + suboptions: + mdmComplianceStatus: + description: MdmComplianceStatus flag. + type: bool + mdmEncrypted: + description: MdmEncrypted flag. + type: bool + mdmEnrolled: + description: MdmEnrolled flag. + type: bool + mdmIMEI: + description: Endpoint's mdmIMEI. + type: str + mdmJailBroken: + description: MdmJailBroken flag. + type: bool + mdmManufacturer: + description: Endpoint's mdmManufacturer. + type: str + mdmModel: + description: Endpoint's mdmModel. + type: str + mdmOS: + description: Endpoint's mdmOS. + type: str + mdmPhoneNumber: + description: Endpoint's mdmPhoneNumber. + type: str + mdmPinlock: + description: MdmPinlock flag. + type: bool + mdmReachable: + description: MdmReachable flag. + type: bool + mdmSerial: + description: Endpoint's mdmSerial. + type: str + mdmServerName: + description: Endpoint's mdmServerName. + type: str + type: dict + name: + description: Endpoint's name. + type: str + portalUser: + description: Endpoint's portalUser. + type: str + profileId: + description: Endpoint's profileId. + type: str + staticGroupAssignment: + description: StaticGroupAssignment flag. + type: bool + staticProfileAssignment: + description: StaticProfileAssignment flag. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.create_endpoint, + endpoint.Endpoint.delete_endpoint_by_id, + endpoint.Endpoint.update_endpoint_by_id, + + - Paths used are + post /ers/config/endpoint, + delete /ers/config/endpoint/{id}, + put /ers/config/endpoint/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.endpoint: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customAttributes: + customAttributes: {} + description: string + groupId: string + id: string + identityStore: string + identityStoreId: string + mac: string + mdmAttributes: + mdmComplianceStatus: true + mdmEncrypted: true + mdmEnrolled: true + mdmIMEI: string + mdmJailBroken: true + mdmManufacturer: string + mdmModel: string + mdmOS: string + mdmPhoneNumber: string + mdmPinlock: true + mdmReachable: true + mdmSerial: string + mdmServerName: string + portalUser: string + profileId: string + staticGroupAssignment: true + staticProfileAssignment: true + +- name: Delete by id + cisco.ise.endpoint: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.endpoint: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customAttributes: + customAttributes: {} + description: string + groupId: string + identityStore: string + identityStoreId: string + mac: string + mdmAttributes: + mdmComplianceStatus: true + mdmEncrypted: true + mdmEnrolled: true + mdmIMEI: string + mdmJailBroken: true + mdmManufacturer: string + mdmModel: string + mdmOS: string + mdmPhoneNumber: string + mdmPinlock: true + mdmReachable: true + mdmSerial: string + mdmServerName: string + portalUser: string + profileId: string + staticGroupAssignment: true + staticProfileAssignment: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "mac": "string", + "profileId": "string", + "staticProfileAssignment": true, + "groupId": "string", + "staticGroupAssignment": true, + "portalUser": "string", + "identityStore": "string", + "identityStoreId": "string", + "mdmAttributes": { + "mdmServerName": "string", + "mdmReachable": true, + "mdmEnrolled": true, + "mdmComplianceStatus": true, + "mdmOS": "string", + "mdmManufacturer": "string", + "mdmModel": "string", + "mdmSerial": "string", + "mdmEncrypted": true, + "mdmPinlock": true, + "mdmJailBroken": true, + "mdmIMEI": "string", + "mdmPhoneNumber": "string" + }, + "customAttributes": { + "customAttributes": {} + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_monitor_status_info.py new file mode 100644 index 00000000..520910f4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_bulk_monitor_status_info +short_description: Information module for Endpoint Bulk Monitor Status +description: +- Get Endpoint Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.monitor_bulk_status_endpoint, + + - Paths used are + get /ers/config/endpoint/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get Endpoint Bulk Monitor Status by id + cisco.ise.endpoint_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_request.py new file mode 100644 index 00000000..dafe2a80 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_bulk_request +short_description: Resource module for Endpoint Bulk Request +description: +- Manage operation update of the resource Endpoint Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: Endpoint Bulk Request's operationType. + type: str + resourceMediaType: + description: Endpoint Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.bulk_request_for_endpoint, + + - Paths used are + put /ers/config/endpoint/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.endpoint_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_certificate.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_certificate.py new file mode 100644 index 00000000..8f31278f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_certificate.py @@ -0,0 +1,97 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_certificate +short_description: Resource module for Endpoint Certificate +description: +- Manage operation update of the resource Endpoint Certificate. +- This API allows the client to create an endpoint certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + certTemplateName: + description: Name of an Internal CA template. + type: str + certificateRequest: + description: Key value map. Must have CN and SAN entries. + suboptions: + cn: + description: Matches the requester's User Name, unless the Requester is an ERS + Admin. ERS Admins are allowed to create requests for any CN. + type: str + san: + description: Valid MAC Address, delimited by '-'. + type: str + type: dict + dirPath: + description: Directory absolute path. Defaults to the current working directory. + type: str + filename: + description: The filename used to save the download file. + type: str + format: + description: Allowed values - PKCS12, - PKCS12_CHAIN, - PKCS8, - PKCS8_CHAIN. + type: str + password: + description: Protects the private key. Must have more than 8 characters, less than + 15 characters, at least one upper case letter, at least one lower case letter, + at least one digit, and can only contain A-Za-z0-9_#. + type: str + saveFile: + description: Enable or disable automatic file creation of raw response. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for EndpointCertificate + description: Complete reference of the EndpointCertificate API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!endpointcert +notes: + - SDK Method used are + endpoint_certificate.EndpointCertificate.create_endpoint_certificate, + + - Paths used are + put /ers/config/endpointcert/certRequest, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.endpoint_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + certTemplateName: string + certificateRequest: + cn: string + san: string + dirPath: /tmp/downloads/ + filename: download_filename.extension + format: string + password: string + saveFile: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "data": "filecontent", + "filename": "filename", + "dirpath": "download/directory", + "path": "download/directory/filename" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_deregister.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_deregister.py new file mode 100644 index 00000000..2835d630 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_deregister.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_deregister +short_description: Resource module for Endpoint Deregister +description: +- Manage operation update of the resource Endpoint Deregister. +- This API allows the client to de-register an endpoint. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.deregister_endpoint, + + - Paths used are + put /ers/config/endpoint/{id}/deregister, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.endpoint_deregister: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_get_rejected_endpoints_info.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_get_rejected_endpoints_info.py new file mode 100644 index 00000000..a99a9c02 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_get_rejected_endpoints_info.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_get_rejected_endpoints_info +short_description: Information module for Endpoint Get Rejected Endpoints +description: +- Get all Endpoint Get Rejected Endpoints. +- This API allows the client to get the rejected endpoints. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.get_rejected_endpoints, + + - Paths used are + get /ers/config/endpoint/getrejectedendpoints, + +""" + +EXAMPLES = r""" +- name: Get all Endpoint Get Rejected Endpoints + cisco.ise.endpoint_get_rejected_endpoints_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "resultValue": [ + { + "value": "string", + "name": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_group.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_group.py new file mode 100644 index 00000000..95dd6f65 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_group.py @@ -0,0 +1,126 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_group +short_description: Resource module for Endpoint Group +description: +- Manage operations create, update and delete of the resource Endpoint Group. +- This API creates an endpoint identity group. +- This API deletes an endpoint identity group. +- This API allows the client to update an endpoint identity group. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Endpoint Group's description. + type: str + id: + description: Endpoint Group's id. + type: str + name: + description: Endpoint Group's name. + type: str + systemDefined: + description: SystemDefined flag. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for EndpointIdentityGroup + description: Complete reference of the EndpointIdentityGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!endpointgroup +notes: + - SDK Method used are + endpoint_identity_group.EndpointIdentityGroup.create_endpoint_group, + endpoint_identity_group.EndpointIdentityGroup.delete_endpoint_group_by_id, + endpoint_identity_group.EndpointIdentityGroup.update_endpoint_group_by_id, + + - Paths used are + post /ers/config/endpointgroup, + delete /ers/config/endpointgroup/{id}, + put /ers/config/endpointgroup/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.endpoint_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + systemDefined: true + +- name: Delete by id + cisco.ise.endpoint_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.endpoint_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + name: string + systemDefined: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "systemDefined": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_group_info.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_group_info.py new file mode 100644 index 00000000..89823b7c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_group_info.py @@ -0,0 +1,166 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_group_info +short_description: Information module for Endpoint Group +description: +- Get all Endpoint Group. +- Get Endpoint Group by id. +- Get Endpoint Group by name. +- This API allows the client to get all the endpoint identity groups. +- This API allows the client to get an endpoint identity group by ID. +- This API allows the client to get an endpoint identity group by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for EndpointIdentityGroup + description: Complete reference of the EndpointIdentityGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!endpointgroup +notes: + - SDK Method used are + endpoint_identity_group.EndpointIdentityGroup.get_endpoint_group_by_id, + endpoint_identity_group.EndpointIdentityGroup.get_endpoint_group_by_name, + endpoint_identity_group.EndpointIdentityGroup.get_endpoint_groups_generator, + + - Paths used are + get /ers/config/endpointgroup, + get /ers/config/endpointgroup/name/{name}, + get /ers/config/endpointgroup/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Endpoint Group + cisco.ise.endpoint_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Endpoint Group by id + cisco.ise.endpoint_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Endpoint Group by name + cisco.ise.endpoint_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "systemDefined": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "systemDefined": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_info.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_info.py new file mode 100644 index 00000000..01587f8b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_info.py @@ -0,0 +1,212 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_info +short_description: Information module for Endpoint +description: +- Get all Endpoint. +- Get Endpoint by id. +- Get Endpoint by name. +- This API allows the client to get all the endpoints. +- This API allows the client to get an endpoint by ID. +- This API allows the client to get an endpoint by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.get_endpoint_by_id, + endpoint.Endpoint.get_endpoint_by_name, + endpoint.Endpoint.get_endpoints_generator, + + - Paths used are + get /ers/config/endpoint, + get /ers/config/endpoint/name/{name}, + get /ers/config/endpoint/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Endpoint + cisco.ise.endpoint_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Endpoint by id + cisco.ise.endpoint_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Endpoint by name + cisco.ise.endpoint_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "mac": "string", + "profileId": "string", + "staticProfileAssignment": true, + "groupId": "string", + "staticGroupAssignment": true, + "portalUser": "string", + "identityStore": "string", + "identityStoreId": "string", + "mdmAttributes": { + "mdmServerName": "string", + "mdmReachable": true, + "mdmEnrolled": true, + "mdmComplianceStatus": true, + "mdmOS": "string", + "mdmManufacturer": "string", + "mdmModel": "string", + "mdmSerial": "string", + "mdmEncrypted": true, + "mdmPinlock": true, + "mdmJailBroken": true, + "mdmIMEI": "string", + "mdmPhoneNumber": "string" + }, + "customAttributes": { + "customAttributes": {} + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "mac": "string", + "profileId": "string", + "staticProfileAssignment": true, + "groupId": "string", + "staticGroupAssignment": true, + "portalUser": "string", + "identityStore": "string", + "identityStoreId": "string", + "mdmAttributes": { + "mdmServerName": "string", + "mdmReachable": true, + "mdmEnrolled": true, + "mdmComplianceStatus": true, + "mdmOS": "string", + "mdmManufacturer": "string", + "mdmModel": "string", + "mdmSerial": "string", + "mdmEncrypted": true, + "mdmPinlock": true, + "mdmJailBroken": true, + "mdmIMEI": "string", + "mdmPhoneNumber": "string" + }, + "customAttributes": { + "customAttributes": {} + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_register.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_register.py new file mode 100644 index 00000000..139631d2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_register.py @@ -0,0 +1,158 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_register +short_description: Resource module for Endpoint Register +description: +- Manage operation update of the resource Endpoint Register. +- This API allows the client to register an endpoint. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customAttributes: + description: Endpoint Register's customAttributes. + suboptions: + customAttributes: + description: Key value map. + type: dict + type: dict + description: + description: Endpoint Register's description. + type: str + groupId: + description: Endpoint Register's groupId. + type: str + id: + description: Endpoint Register's id. + type: str + identityStore: + description: Endpoint Register's identityStore. + type: str + identityStoreId: + description: Endpoint Register's identityStoreId. + type: str + mac: + description: Endpoint Register's mac. + type: str + mdmAttributes: + description: Endpoint Register's mdmAttributes. + suboptions: + mdmComplianceStatus: + description: MdmComplianceStatus flag. + type: bool + mdmEncrypted: + description: MdmEncrypted flag. + type: bool + mdmEnrolled: + description: MdmEnrolled flag. + type: bool + mdmIMEI: + description: Endpoint Register's mdmIMEI. + type: str + mdmJailBroken: + description: MdmJailBroken flag. + type: bool + mdmManufacturer: + description: Endpoint Register's mdmManufacturer. + type: str + mdmModel: + description: Endpoint Register's mdmModel. + type: str + mdmOS: + description: Endpoint Register's mdmOS. + type: str + mdmPhoneNumber: + description: Endpoint Register's mdmPhoneNumber. + type: str + mdmPinlock: + description: MdmPinlock flag. + type: bool + mdmReachable: + description: MdmReachable flag. + type: bool + mdmSerial: + description: Endpoint Register's mdmSerial. + type: str + mdmServerName: + description: Endpoint Register's mdmServerName. + type: str + type: dict + name: + description: Endpoint Register's name. + type: str + portalUser: + description: Endpoint Register's portalUser. + type: str + profileId: + description: Endpoint Register's profileId. + type: str + staticGroupAssignment: + description: StaticGroupAssignment flag. + type: bool + staticProfileAssignment: + description: StaticProfileAssignment flag. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.register_endpoint, + + - Paths used are + put /ers/config/endpoint/register, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.endpoint_register: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + customAttributes: + customAttributes: {} + description: string + groupId: string + id: string + identityStore: string + identityStoreId: string + mac: string + mdmAttributes: + mdmComplianceStatus: true + mdmEncrypted: true + mdmEnrolled: true + mdmIMEI: string + mdmJailBroken: true + mdmManufacturer: string + mdmModel: string + mdmOS: string + mdmPhoneNumber: string + mdmPinlock: true + mdmReachable: true + mdmSerial: string + mdmServerName: string + name: string + portalUser: string + profileId: string + staticGroupAssignment: true + staticProfileAssignment: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/endpoint_release_rejected_endpoint.py b/ansible_collections/cisco/ise/plugins/modules/endpoint_release_rejected_endpoint.py new file mode 100644 index 00000000..82888e4e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/endpoint_release_rejected_endpoint.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: endpoint_release_rejected_endpoint +short_description: Resource module for Endpoint Release Rejected Endpoint +description: +- Manage operation update of the resource Endpoint Release Rejected Endpoint. +- This API allows the client to release a rejected endpoint. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + endpoint.Endpoint.release_rejected_endpoint, + + - Paths used are + put /ers/config/endpoint/{id}/releaserejectedendpoint, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.endpoint_release_rejected_endpoint: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/external_radius_server.py b/ansible_collections/cisco/ise/plugins/modules/external_radius_server.py new file mode 100644 index 00000000..50d1ff07 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/external_radius_server.py @@ -0,0 +1,188 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: external_radius_server +short_description: Resource module for External RADIUS Server +description: +- Manage operations create, update and delete of the resource External RADIUS Server. +- This API creates an external RADIUS server. +- This API deletes an external RADIUS server. +- This API allows the client to update an external RADIUS server. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + accountingPort: + description: Valid Range 1 to 65535. + type: int + authenticationPort: + description: Valid Range 1 to 65535. + type: int + authenticatorKey: + description: The authenticatorKey is required only if enableKeyWrap is true, otherwise + it must be ignored or empty. The maximum length is 20 ASCII characters or 40 HEXADECIMAL + characters (depend on selection in field 'keyInputFormat'). + type: str + description: + description: External RADIUS Server's description. + type: str + enableKeyWrap: + description: KeyWrap may only be enabled if it is supported on the device. When + running in FIPS mode this option should be enabled for such devices. + type: bool + encryptionKey: + description: The encryptionKey is required only if enableKeyWrap is true, otherwise + it must be ignored or empty. The maximum length is 16 ASCII characters or 32 HEXADECIMAL + characters (depend on selection in field 'keyInputFormat'). + type: str + hostIP: + description: The IP of the host - must be a valid IPV4 address. + type: str + id: + description: External RADIUS Server's id. + type: str + keyInputFormat: + description: Specifies the format of the input for fields 'encryptionKey' and 'authenticatorKey'. + Allowed Values - ASCII - HEXADECIMAL. + type: str + name: + description: Resource Name. Allowed charactera are alphanumeric and _ (underscore). + type: str + proxyTimeout: + description: Valid Range 1 to 600. + type: int + retries: + description: Valid Range 1 to 9. + type: int + sharedSecret: + description: Shared secret maximum length is 128 characters. + type: str + timeout: + description: Valid Range 1 to 120. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + external_radius_server.ExternalRadiusServer.create_external_radius_server, + external_radius_server.ExternalRadiusServer.delete_external_radius_server_by_id, + external_radius_server.ExternalRadiusServer.update_external_radius_server_by_id, + + - Paths used are + post /ers/config/externalradiusserver, + delete /ers/config/externalradiusserver/{id}, + put /ers/config/externalradiusserver/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.external_radius_server: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + accountingPort: 0 + authenticationPort: 0 + authenticatorKey: string + description: string + enableKeyWrap: true + encryptionKey: string + hostIP: string + id: string + keyInputFormat: string + name: string + proxyTimeout: 0 + retries: 0 + sharedSecret: string + timeout: 0 + +- name: Delete by id + cisco.ise.external_radius_server: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.external_radius_server: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + accountingPort: 0 + authenticationPort: 0 + authenticatorKey: string + description: string + enableKeyWrap: true + encryptionKey: string + hostIP: string + keyInputFormat: string + name: string + proxyTimeout: 0 + retries: 0 + sharedSecret: string + timeout: 0 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "hostIP": "string", + "sharedSecret": "string", + "enableKeyWrap": true, + "encryptionKey": "string", + "authenticatorKey": "string", + "keyInputFormat": "string", + "authenticationPort": 0, + "accountingPort": 0, + "timeout": 0, + "retries": 0, + "proxyTimeout": 0, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/external_radius_server_info.py b/ansible_collections/cisco/ise/plugins/modules/external_radius_server_info.py new file mode 100644 index 00000000..8b597d05 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/external_radius_server_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: external_radius_server_info +short_description: Information module for External RADIUS Server +description: +- Get all External RADIUS Server. +- Get External RADIUS Server by id. +- Get External RADIUS Server by name. +- This API allows the client to get all the external RADIUS servers. +- This API allows the client to get an external RADIUS server by ID. +- This API allows the client to get an external RADIUS server by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + external_radius_server.ExternalRadiusServer.get_external_radius_server_by_id, + external_radius_server.ExternalRadiusServer.get_external_radius_server_by_name, + external_radius_server.ExternalRadiusServer.get_external_radius_server_generator, + + - Paths used are + get /ers/config/externalradiusserver, + get /ers/config/externalradiusserver/name/{name}, + get /ers/config/externalradiusserver/{id}, + +""" + +EXAMPLES = r""" +- name: Get all External RADIUS Server + cisco.ise.external_radius_server_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get External RADIUS Server by id + cisco.ise.external_radius_server_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get External RADIUS Server by name + cisco.ise.external_radius_server_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "hostIP": "string", + "sharedSecret": "string", + "enableKeyWrap": true, + "encryptionKey": "string", + "authenticatorKey": "string", + "keyInputFormat": "string", + "authenticationPort": 0, + "accountingPort": 0, + "timeout": 0, + "retries": 0, + "proxyTimeout": 0, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "hostIP": "string", + "sharedSecret": "string", + "enableKeyWrap": true, + "encryptionKey": "string", + "authenticatorKey": "string", + "keyInputFormat": "string", + "authenticationPort": 0, + "accountingPort": 0, + "timeout": 0, + "retries": 0, + "proxyTimeout": 0, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/filter_policy.py b/ansible_collections/cisco/ise/plugins/modules/filter_policy.py new file mode 100644 index 00000000..9a23b0c1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/filter_policy.py @@ -0,0 +1,123 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: filter_policy +short_description: Resource module for Filter Policy +description: +- Manage operations create, update and delete of the resource Filter Policy. +- This API creates a filter policy. +- This API deletes a filter policy. +- This API allows the client to update a filter policy. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + domains: + description: List of SXP Domains, separated with comma. + type: str + id: + description: Id path parameter. + type: str + sgt: + description: SGT name or ID. At least one of subnet or sgt or vn should be defined. + type: str + subnet: + description: Subnet for filter policy (hostname is not supported). At least one + of subnet or sgt or vn should be defined. + type: str + vn: + description: Virtual Network. At least one of subnet or sgt or vn should be defined. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + filter_policy.FilterPolicy.create_filter_policy, + filter_policy.FilterPolicy.delete_filter_policy_by_id, + filter_policy.FilterPolicy.update_filter_policy_by_id, + + - Paths used are + post /ers/config/filterpolicy, + delete /ers/config/filterpolicy/{id}, + put /ers/config/filterpolicy/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.filter_policy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + domains: string + id: string + sgt: string + subnet: string + vn: string + +- name: Delete by id + cisco.ise.filter_policy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.filter_policy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + domains: string + sgt: string + subnet: string + vn: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "subnet": "string", + "domains": "string", + "sgt": "string", + "vn": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/filter_policy_info.py b/ansible_collections/cisco/ise/plugins/modules/filter_policy_info.py new file mode 100644 index 00000000..01f9c6e7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/filter_policy_info.py @@ -0,0 +1,97 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: filter_policy_info +short_description: Information module for Filter Policy +description: +- Get all Filter Policy. +- Get Filter Policy by id. +- This API allows the client to get a filter policy by ID. +- This API allows the client to get all the filter policies. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + filter_policy.FilterPolicy.get_filter_policy_by_id, + filter_policy.FilterPolicy.get_filter_policy_generator, + + - Paths used are + get /ers/config/filterpolicy, + get /ers/config/filterpolicy/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Filter Policy + cisco.ise.filter_policy_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Filter Policy by id + cisco.ise.filter_policy_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "subnet": "string", + "domains": "string", + "sgt": "string", + "vn": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "subnet": "string", + "domains": "string", + "sgt": "string", + "vn": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_location_info.py b/ansible_collections/cisco/ise/plugins/modules/guest_location_info.py new file mode 100644 index 00000000..2c82fa37 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_location_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_location_info +short_description: Information module for Guest Location +description: +- Get all Guest Location. +- Get Guest Location by id. +- This API allows the client to get a guest location by ID. +- This API allows the client to get all the guest locations. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_location.GuestLocation.get_guest_location_by_id, + guest_location.GuestLocation.get_guest_location_generator, + + - Paths used are + get /ers/config/guestlocation, + get /ers/config/guestlocation/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Guest Location + cisco.ise.guest_location_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Guest Location by id + cisco.ise.guest_location_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings.py b/ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings.py new file mode 100644 index 00000000..10910f02 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings.py @@ -0,0 +1,155 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_smtp_notification_settings +short_description: Resource module for Guest SMTP Notification Settings +description: +- Manage operations create and update of the resource Guest SMTP Notification Settings. +- This API creates a guest SMTP notification configuration. +- This API allows the client to update a SMTP configuration setting. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + connectionTimeout: + description: Interval in seconds for all the SMTP client connections. + type: str + defaultFromAddress: + description: The default from email address to be used to send emails from. + type: str + id: + description: Guest SMTP Notification Settings's id. + type: str + notificationEnabled: + description: Indicates if the email notification service is to be enabled. + type: bool + password: + description: Password of Secure SMTP server. + type: str + smtpPort: + description: Port at which SMTP Secure Server is listening. + type: str + smtpServer: + description: The SMTP server ip address or fqdn such as outbound.mycompany.com. + type: str + useDefaultFromAddress: + description: If the default from address should be used rather than using a sponsor + user email address. + type: bool + usePasswordAuthentication: + description: If configured to true, SMTP server authentication will happen using + username/password. + type: bool + useTLSorSSLEncryption: + description: If configured to true, SMTP server authentication will happen using + TLS/SSL. + type: bool + userName: + description: Username of Secure SMTP server. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_smtp_notification_configuration.GuestSmtpNotificationConfiguration.create_guest_smtp_notification_settings, + guest_smtp_notification_configuration.GuestSmtpNotificationConfiguration.update_guest_smtp_notification_settings_by_id, + + - Paths used are + post /ers/config/guestsmtpnotificationsettings, + put /ers/config/guestsmtpnotificationsettings/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_smtp_notification_settings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + connectionTimeout: string + defaultFromAddress: string + id: string + notificationEnabled: true + password: string + smtpPort: string + smtpServer: string + useDefaultFromAddress: true + usePasswordAuthentication: true + useTLSorSSLEncryption: true + userName: string + +- name: Create + cisco.ise.guest_smtp_notification_settings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + connectionTimeout: string + defaultFromAddress: string + notificationEnabled: true + password: string + smtpPort: string + smtpServer: string + useDefaultFromAddress: true + usePasswordAuthentication: true + useTLSorSSLEncryption: true + userName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "smtpServer": "string", + "notificationEnabled": true, + "useDefaultFromAddress": true, + "defaultFromAddress": "string", + "smtpPort": "string", + "connectionTimeout": "string", + "useTLSorSSLEncryption": true, + "usePasswordAuthentication": true, + "userName": "string", + "password": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings_info.py b/ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings_info.py new file mode 100644 index 00000000..7f815219 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_smtp_notification_settings_info.py @@ -0,0 +1,159 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_smtp_notification_settings_info +short_description: Information module for Guest SMTP Notification Settings +description: +- Get all Guest SMTP Notification Settings. +- Get Guest SMTP Notification Settings by id. +- This API allows the client to get a guest SMTP notification configuration by. +- This API allows the client to get all the guest SMTP notification. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_smtp_notification_configuration.GuestSmtpNotificationConfiguration.get_guest_smtp_notification_settings_by_id, + guest_smtp_notification_configuration.GuestSmtpNotificationConfiguration.get_guest_smtp_notification_settings_generator, + + - Paths used are + get /ers/config/guestsmtpnotificationsettings, + get /ers/config/guestsmtpnotificationsettings/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Guest SMTP Notification Settings + cisco.ise.guest_smtp_notification_settings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Guest SMTP Notification Settings by id + cisco.ise.guest_smtp_notification_settings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "smtpServer": "string", + "notificationEnabled": true, + "useDefaultFromAddress": true, + "defaultFromAddress": "string", + "smtpPort": "string", + "connectionTimeout": "string", + "useTLSorSSLEncryption": true, + "usePasswordAuthentication": true, + "userName": "string", + "password": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "smtpServer": "string", + "notificationEnabled": true, + "useDefaultFromAddress": true, + "defaultFromAddress": "string", + "smtpPort": "string", + "connectionTimeout": "string", + "useTLSorSSLEncryption": true, + "usePasswordAuthentication": true, + "userName": "string", + "password": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_ssid.py b/ansible_collections/cisco/ise/plugins/modules/guest_ssid.py new file mode 100644 index 00000000..8caf673c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_ssid.py @@ -0,0 +1,111 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_ssid +short_description: Resource module for Guest SSID +description: +- Manage operations create, update and delete of the resource Guest SSID. +- This API creates a guest SSID. +- This API deletes a guest SSID by ID. +- This API allows the client to update a guest SSID by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Guest SSID's id. + type: str + name: + description: Resource Name. Name may contain alphanumeric or any of the following + characters _.-. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_ssid.GuestSsid.create_guest_ssid, + guest_ssid.GuestSsid.delete_guest_ssid_by_id, + guest_ssid.GuestSsid.update_guest_ssid_by_id, + + - Paths used are + post /ers/config/guestssid, + delete /ers/config/guestssid/{id}, + put /ers/config/guestssid/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_ssid: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + name: string + +- name: Delete by id + cisco.ise.guest_ssid: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.guest_ssid: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_ssid_info.py b/ansible_collections/cisco/ise/plugins/modules/guest_ssid_info.py new file mode 100644 index 00000000..087a7e0e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_ssid_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_ssid_info +short_description: Information module for Guest SSID +description: +- Get all Guest SSID. +- Get Guest SSID by id. +- This API allows the client to get a guest SSID by ID. +- This API allows the client to get all the guest SSIDs. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_ssid.GuestSsid.get_guest_ssid_by_id, + guest_ssid.GuestSsid.get_guest_ssid_generator, + + - Paths used are + get /ers/config/guestssid, + get /ers/config/guestssid/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Guest SSID + cisco.ise.guest_ssid_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Guest SSID by id + cisco.ise.guest_ssid_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_type.py b/ansible_collections/cisco/ise/plugins/modules/guest_type.py new file mode 100644 index 00000000..2318caaa --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_type.py @@ -0,0 +1,303 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_type +short_description: Resource module for Guest Type +description: +- Manage operations create, update and delete of the resource Guest Type. +- This API creates a guest type. +- This API deletes a guest type. +- This API allows the client to update a guest type. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + accessTime: + description: Guest Type's accessTime. + suboptions: + allowAccessOnSpecificDaysTimes: + description: AllowAccessOnSpecificDaysTimes flag. + type: bool + dayTimeLimits: + description: List of Time Ranges for account access. + elements: dict + suboptions: + days: + description: List of Days Values should be one of Week day. Allowed values + are - Sunday, - Monday, - Tuesday, - Wednesday, - Thursday, - Friday, + - Saturday. + elements: str + type: list + endTime: + description: End time in HH mm format. + type: str + startTime: + description: Start time in HH mm format. + type: str + type: list + defaultDuration: + description: Guest Type's defaultDuration. + type: int + durationTimeUnit: + description: Allowed values are - DAYS, - HOURS, - MINUTES. + type: str + fromFirstLogin: + description: When Account Duration starts from first login or specified date. + type: bool + maxAccountDuration: + description: Maximum value of Account Duration. + type: int + type: dict + description: + description: Guest Type's description. + type: str + expirationNotification: + description: Expiration Notification Settings. + suboptions: + advanceNotificationDuration: + description: Send Account Expiration Notification Duration before ( Days, Hours, + Minutes ). + type: int + advanceNotificationUnits: + description: Allowed values are - DAYS, - HOURS, - MINUTES. + type: str + emailText: + description: Guest Type's emailText. + type: str + enableNotification: + description: Enable Notification settings. + type: bool + sendEmailNotification: + description: Enable Email Notification. + type: bool + sendSMSNotification: + description: Maximum devices guests can register. + type: bool + smsText: + description: Guest Type's smsText. + type: str + type: dict + id: + description: Guest Type's id. + type: str + isDefaultType: + description: IsDefaultType flag. + type: bool + loginOptions: + description: Guest Type's loginOptions. + suboptions: + allowGuestPortalBypass: + description: AllowGuestPortalBypass flag. + type: bool + failureAction: + description: When Guest Exceeds limit this action will be invoked. Allowed values + are - Disconnect_Oldest_Connection, - Disconnect_Newest_Connection. + type: str + identityGroupId: + description: Guest Type's identityGroupId. + type: str + limitSimultaneousLogins: + description: Enable Simultaneous Logins. + type: bool + maxRegisteredDevices: + description: Maximum devices guests can register. + type: int + maxSimultaneousLogins: + description: Number of Simultaneous Logins. + type: int + type: dict + name: + description: Guest Type's name. + type: str + sponsorGroups: + description: Guest Type's sponsorGroups. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_type.GuestType.create_guest_type, + guest_type.GuestType.delete_guest_type_by_id, + guest_type.GuestType.update_guest_type_by_id, + + - Paths used are + post /ers/config/guesttype, + delete /ers/config/guesttype/{id}, + put /ers/config/guesttype/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_type: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + accessTime: + allowAccessOnSpecificDaysTimes: true + dayTimeLimits: + - days: + - string + endTime: string + startTime: string + defaultDuration: 0 + durationTimeUnit: string + fromFirstLogin: true + maxAccountDuration: 0 + description: string + expirationNotification: + advanceNotificationDuration: 0 + advanceNotificationUnits: string + emailText: string + enableNotification: true + sendEmailNotification: true + sendSmsNotification: true + smsText: string + id: string + isDefaultType: true + loginOptions: + allowGuestPortalBypass: true + failureAction: string + identityGroupId: string + limitSimultaneousLogins: true + maxRegisteredDevices: 0 + maxSimultaneousLogins: 0 + name: string + sponsorGroups: + - string + +- name: Delete by id + cisco.ise.guest_type: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.guest_type: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + accessTime: + allowAccessOnSpecificDaysTimes: true + dayTimeLimits: + - days: + - string + endTime: string + startTime: string + defaultDuration: 0 + durationTimeUnit: string + fromFirstLogin: true + maxAccountDuration: 0 + description: string + expirationNotification: + advanceNotificationDuration: 0 + advanceNotificationUnits: string + emailText: string + enableNotification: true + sendEmailNotification: true + sendSmsNotification: true + smsText: string + isDefaultType: true + loginOptions: + allowGuestPortalBypass: true + failureAction: string + identityGroupId: string + limitSimultaneousLogins: true + maxRegisteredDevices: 0 + maxSimultaneousLogins: 0 + name: string + sponsorGroups: + - string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "isDefaultType": true, + "accessTime": { + "fromFirstLogin": true, + "maxAccountDuration": 0, + "durationTimeUnit": "string", + "defaultDuration": 0, + "allowAccessOnSpecificDaysTimes": true, + "dayTimeLimits": [ + { + "startTime": "string", + "endTime": "string", + "days": [ + "string" + ] + } + ] + }, + "loginOptions": { + "limitSimultaneousLogins": true, + "maxSimultaneousLogins": 0, + "failureAction": "string", + "maxRegisteredDevices": 0, + "identityGroupId": "string", + "allowGuestPortalBypass": true + }, + "expirationNotification": { + "enableNotification": true, + "advanceNotificationDuration": 0, + "advanceNotificationUnits": "string", + "sendEmailNotification": true, + "emailText": "string", + "sendSmsNotification": true, + "smsText": "string" + }, + "sponsorGroups": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_type_email.py b/ansible_collections/cisco/ise/plugins/modules/guest_type_email.py new file mode 100644 index 00000000..12b593e2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_type_email.py @@ -0,0 +1,66 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_type_email +short_description: Resource module for Guest Type Email +description: +- Manage operation update of the resource Guest Type Email. +- This API allows the client to update a guest type email by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Guest Type Email's additionalData. + elements: dict + suboptions: + name: + description: Guest Type Email's name. + type: str + value: + description: Guest Type Email's value. + type: str + type: list + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_type.GuestType.update_guest_type_email, + + - Paths used are + put /ers/config/guesttype/email/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_type_email: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: emailAddress + value: emailAddress + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_type_info.py b/ansible_collections/cisco/ise/plugins/modules/guest_type_info.py new file mode 100644 index 00000000..dcf1461a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_type_info.py @@ -0,0 +1,217 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_type_info +short_description: Information module for Guest Type +description: +- Get all Guest Type. +- Get Guest Type by id. +- This API allows the client to get a guest type by ID. +- This API allows the client to get all the guest types. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_type.GuestType.get_guest_type_by_id, + guest_type.GuestType.get_guest_type_generator, + + - Paths used are + get /ers/config/guesttype, + get /ers/config/guesttype/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Guest Type + cisco.ise.guest_type_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Guest Type by id + cisco.ise.guest_type_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "isDefaultType": true, + "accessTime": { + "fromFirstLogin": true, + "maxAccountDuration": 0, + "durationTimeUnit": "string", + "defaultDuration": 0, + "allowAccessOnSpecificDaysTimes": true, + "dayTimeLimits": [ + { + "startTime": "string", + "endTime": "string", + "days": [ + "string" + ] + } + ] + }, + "loginOptions": { + "limitSimultaneousLogins": true, + "maxSimultaneousLogins": 0, + "failureAction": "string", + "maxRegisteredDevices": 0, + "identityGroupId": "string", + "allowGuestPortalBypass": true + }, + "expirationNotification": { + "enableNotification": true, + "advanceNotificationDuration": 0, + "advanceNotificationUnits": "string", + "sendEmailNotification": true, + "emailText": "string", + "sendSmsNotification": true, + "smsText": "string" + }, + "sponsorGroups": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "isDefaultType": true, + "accessTime": { + "fromFirstLogin": true, + "maxAccountDuration": 0, + "durationTimeUnit": "string", + "defaultDuration": 0, + "allowAccessOnSpecificDaysTimes": true, + "dayTimeLimits": [ + { + "startTime": "string", + "endTime": "string", + "days": [ + "string" + ] + } + ] + }, + "loginOptions": { + "limitSimultaneousLogins": true, + "maxSimultaneousLogins": 0, + "failureAction": "string", + "maxRegisteredDevices": 0, + "identityGroupId": "string", + "allowGuestPortalBypass": true + }, + "expirationNotification": { + "enableNotification": true, + "advanceNotificationDuration": 0, + "advanceNotificationUnits": "string", + "sendEmailNotification": true, + "emailText": "string", + "sendSmsNotification": true, + "smsText": "string" + }, + "sponsorGroups": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_type_sms.py b/ansible_collections/cisco/ise/plugins/modules/guest_type_sms.py new file mode 100644 index 00000000..d35072ca --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_type_sms.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_type_sms +short_description: Resource module for Guest Type SMS +description: +- Manage operation update of the resource Guest Type SMS. +- This API allows the client to update a guest type sms by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Guest Type SMS's additionalData. + elements: dict + suboptions: + name: + description: Guest Type SMS's name. + type: str + value: + description: Guest Type SMS's value. + type: str + type: list + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_type.GuestType.update_guest_type_sms, + + - Paths used are + put /ers/config/guesttype/sms/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_type_sms: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: phoneNumber + value: phoneNumber + - name: serviceProvider + value: serviceProvider + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user.py b/ansible_collections/cisco/ise/plugins/modules/guest_user.py new file mode 100644 index 00000000..a19118c7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user.py @@ -0,0 +1,337 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user +short_description: Resource module for Guest User +description: +- Manage operations create, update and delete of the resource Guest User. +- This API creates a guest user. +- This API deletes a guest user by ID. +- This API deletes a guest user. +- This API allows the client to update a guest user by ID. +- This API allows the client to update a guest user by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customFields: + description: Key value map. + type: dict + description: + description: Guest User's description. + type: str + guestAccessInfo: + description: Guest User's guestAccessInfo. + suboptions: + fromDate: + description: Guest User's fromDate. + type: str + groupTag: + description: Guest User's groupTag. + type: str + location: + description: Guest User's location. + type: str + ssid: + description: Guest User's ssid. + type: str + toDate: + description: Guest User's toDate. + type: str + validDays: + description: Guest User's validDays. + type: int + type: dict + guestInfo: + description: Guest User's guestInfo. + suboptions: + company: + description: Guest User's company. + type: str + creationTime: + description: Guest User's creationTime. + type: str + emailAddress: + description: Guest User's emailAddress. + type: str + enabled: + description: This field is only for Get operation not applicable for Create, + Update operations. + type: bool + firstName: + description: Guest User's firstName. + type: str + lastName: + description: Guest User's lastName. + type: str + notificationLanguage: + description: Guest User's notificationLanguage. + type: str + password: + description: Guest User's password. + type: str + phoneNumber: + description: Phone number should be E.164 format. + type: str + smsServiceProvider: + description: Guest User's smsServiceProvider. + type: str + userName: + description: If account needs be created with mobile number, please provide + mobile number here. + type: str + type: dict + guestType: + description: Guest User's guestType. + type: str + id: + description: Guest User's id. + type: str + name: + description: Guest User's name. + type: str + portalId: + description: Guest User's portalId. + type: str + reasonForVisit: + description: Guest User's reasonForVisit. + type: str + sponsorUserId: + description: Guest User's sponsorUserId. + type: str + sponsorUserName: + description: Guest User's sponsorUserName. + type: str + status: + description: Guest User's status. + type: str + statusReason: + description: Guest User's statusReason. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.create_guest_user, + guest_user.GuestUser.delete_guest_user_by_id, + guest_user.GuestUser.delete_guest_user_by_name, + guest_user.GuestUser.update_guest_user_by_id, + guest_user.GuestUser.update_guest_user_by_name, + + - Paths used are + post /ers/config/guestuser, + delete /ers/config/guestuser/name/{name}, + delete /ers/config/guestuser/{id}, + put /ers/config/guestuser/name/{name}, + put /ers/config/guestuser/{id}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.guest_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customFields: {} + description: string + guestAccessInfo: + fromDate: string + groupTag: string + location: string + ssid: string + toDate: string + validDays: 0 + guestInfo: + company: string + creationTime: string + emailAddress: string + enabled: true + firstName: string + lastName: string + notificationLanguage: string + password: string + phoneNumber: string + smsServiceProvider: string + userName: string + guestType: string + id: string + name: string + portalId: string + reasonForVisit: string + sponsorUserId: string + sponsorUserName: string + status: string + statusReason: string + +- name: Delete by name + cisco.ise.guest_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +- name: Update by id + cisco.ise.guest_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customFields: {} + description: string + guestAccessInfo: + fromDate: string + groupTag: string + location: string + ssid: string + toDate: string + validDays: 0 + guestInfo: + company: string + creationTime: string + emailAddress: string + enabled: true + firstName: string + lastName: string + notificationLanguage: string + password: string + phoneNumber: string + smsServiceProvider: string + userName: string + guestType: string + id: string + name: string + portalId: string + reasonForVisit: string + sponsorUserId: string + sponsorUserName: string + status: string + statusReason: string + +- name: Delete by id + cisco.ise.guest_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.guest_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customFields: {} + description: string + guestAccessInfo: + fromDate: string + groupTag: string + location: string + ssid: string + toDate: string + validDays: 0 + guestInfo: + company: string + creationTime: string + emailAddress: string + enabled: true + firstName: string + lastName: string + notificationLanguage: string + password: string + phoneNumber: string + smsServiceProvider: string + userName: string + guestType: string + name: string + portalId: string + reasonForVisit: string + sponsorUserId: string + sponsorUserName: string + status: string + statusReason: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "guestType": "string", + "status": "string", + "statusReason": "string", + "reasonForVisit": "string", + "sponsorUserId": "string", + "sponsorUserName": "string", + "guestInfo": { + "firstName": "string", + "lastName": "string", + "company": "string", + "creationTime": "string", + "notificationLanguage": "string", + "userName": "string", + "emailAddress": "string", + "phoneNumber": "string", + "password": "string", + "enabled": true, + "smsServiceProvider": "string" + }, + "guestAccessInfo": { + "validDays": 0, + "fromDate": "string", + "toDate": "string", + "location": "string", + "ssid": "string", + "groupTag": "string" + }, + "portalId": "string", + "customFields": {}, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_approve.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_approve.py new file mode 100644 index 00000000..f5c0295f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_approve.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_approve +short_description: Resource module for Guest User Approve +description: +- Manage operation update of the resource Guest User Approve. +- This API allows the client to approve a guest user by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.approve_guest_user_by_id, + + - Paths used are + put /ers/config/guestuser/approve/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_user_approve: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_monitor_status_info.py new file mode 100644 index 00000000..f26fe764 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_bulk_monitor_status_info +short_description: Information module for Guest User Bulk Monitor Status +description: +- Get Guest User Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.monitor_bulk_status_guest_user, + + - Paths used are + get /ers/config/guestuser/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get Guest User Bulk Monitor Status by id + cisco.ise.guest_user_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_request.py new file mode 100644 index 00000000..454b982a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_bulk_request +short_description: Resource module for Guest User Bulk Request +description: +- Manage operation update of the resource Guest User Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: Guest User Bulk Request's operationType. + type: str + resourceMediaType: + description: Guest User Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.bulk_request_for_guest_user, + + - Paths used are + put /ers/config/guestuser/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.guest_user_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_change_sponsor_password.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_change_sponsor_password.py new file mode 100644 index 00000000..64dc0193 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_change_sponsor_password.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_change_sponsor_password +short_description: Resource module for Guest User Change Sponsor Password +description: +- Manage operation update of the resource Guest User Change Sponsor Password. +- This API allows the client to change the sponsor password. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Guest User Change Sponsor Password's additionalData. + elements: dict + suboptions: + name: + description: Guest User Change Sponsor Password's name. + type: str + value: + description: Guest User Change Sponsor Password's value. + type: str + type: list + portalId: + description: PortalId path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.change_sponsor_password, + + - Paths used are + put /ers/config/guestuser/changeSponsorPassword/{portalId}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_user_change_sponsor_password: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: currentPassword + value: password + - name: newPassword + value: password + portalId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_deny.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_deny.py new file mode 100644 index 00000000..b02f5e41 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_deny.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_deny +short_description: Resource module for Guest User Deny +description: +- Manage operation update of the resource Guest User Deny. +- This API allows the client to deny a guest user by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.deny_guest_user_by_id, + + - Paths used are + put /ers/config/guestuser/deny/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_user_deny: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_email.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_email.py new file mode 100644 index 00000000..f0ba73a2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_email.py @@ -0,0 +1,70 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_email +short_description: Resource module for Guest User Email +description: +- Manage operation update of the resource Guest User Email. +- This API allows the client to update a guest user email by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Guest User Email's additionalData. + elements: dict + suboptions: + name: + description: Guest User Email's name. + type: str + value: + description: Guest User Email's value. + type: str + type: list + id: + description: Id path parameter. + type: str + portalId: + description: PortalId path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.update_guest_user_email, + + - Paths used are + put /ers/config/guestuser/email/{id}/portalId/{portalId}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_user_email: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: senderEmail + value: senderEmail + id: string + portalId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_info.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_info.py new file mode 100644 index 00000000..651777e0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_info.py @@ -0,0 +1,218 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_info +short_description: Information module for Guest User +description: +- Get all Guest User. +- Get Guest User by id. +- Get Guest User by name. +- This API allows the client to get a guest user by ID. +- This API allows the client to get a guest user by name. +- This API allows the client to get all the guest users. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.get_guest_user_by_id, + guest_user.GuestUser.get_guest_user_by_name, + guest_user.GuestUser.get_guest_users_generator, + + - Paths used are + get /ers/config/guestuser, + get /ers/config/guestuser/name/{name}, + get /ers/config/guestuser/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Guest User + cisco.ise.guest_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Guest User by id + cisco.ise.guest_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Guest User by name + cisco.ise.guest_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "guestType": "string", + "status": "string", + "statusReason": "string", + "reasonForVisit": "string", + "sponsorUserId": "string", + "sponsorUserName": "string", + "guestInfo": { + "firstName": "string", + "lastName": "string", + "company": "string", + "creationTime": "string", + "notificationLanguage": "string", + "userName": "string", + "emailAddress": "string", + "phoneNumber": "string", + "password": "string", + "enabled": true, + "smsServiceProvider": "string" + }, + "guestAccessInfo": { + "validDays": 0, + "fromDate": "string", + "toDate": "string", + "location": "string", + "ssid": "string", + "groupTag": "string" + }, + "portalId": "string", + "customFields": {}, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "guestType": "string", + "status": "string", + "statusReason": "string", + "reasonForVisit": "string", + "sponsorUserId": "string", + "sponsorUserName": "string", + "guestInfo": { + "firstName": "string", + "lastName": "string", + "company": "string", + "creationTime": "string", + "notificationLanguage": "string", + "userName": "string", + "emailAddress": "string", + "phoneNumber": "string", + "password": "string", + "enabled": true, + "smsServiceProvider": "string" + }, + "guestAccessInfo": { + "validDays": 0, + "fromDate": "string", + "toDate": "string", + "location": "string", + "ssid": "string", + "groupTag": "string" + }, + "portalId": "string", + "customFields": {}, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_reinstate.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_reinstate.py new file mode 100644 index 00000000..0ead09e6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_reinstate.py @@ -0,0 +1,66 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_reinstate +short_description: Resource module for Guest User Reinstate +description: +- Manage operation update of the resource Guest User Reinstate. +- This API allows the client to reinstate a guest user by ID. +- This API allows the client to reinstate a guest user by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str + name: + description: Name path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.reinstate_guest_user_by_id, + guest_user.GuestUser.reinstate_guest_user_by_name, + + - Paths used are + put /ers/config/guestuser/reinstate/name/{name}, + put /ers/config/guestuser/reinstate/{id}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.guest_user_reinstate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + +- name: Update by id + cisco.ise.guest_user_reinstate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_reset_password.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_reset_password.py new file mode 100644 index 00000000..b55a3147 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_reset_password.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_reset_password +short_description: Resource module for Guest User Reset Password +description: +- Manage operation update of the resource Guest User Reset Password. +- This API allows the client to reset the guest user password. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.reset_guest_user_password_by_id, + + - Paths used are + put /ers/config/guestuser/resetpassword/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_user_reset_password: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "OperationResult": { + "resultValue": [ + { + "value": "string", + "name": "string" + } + ] + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_sms.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_sms.py new file mode 100644 index 00000000..d02bd0d3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_sms.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_sms +short_description: Resource module for Guest User SMS +description: +- Manage operation update of the resource Guest User SMS. +- This API allows the client to update a guest user sms by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str + portalId: + description: PortalId path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.update_guest_user_sms, + + - Paths used are + put /ers/config/guestuser/sms/{id}/portalId/{portalId}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.guest_user_sms: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + portalId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/guest_user_suspend.py b/ansible_collections/cisco/ise/plugins/modules/guest_user_suspend.py new file mode 100644 index 00000000..e53ed5f2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/guest_user_suspend.py @@ -0,0 +1,80 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: guest_user_suspend +short_description: Resource module for Guest User Suspend +description: +- Manage operation update of the resource Guest User Suspend. +- This API allows the client to suspend a guest user by ID. +- This API allows the client to suspend a guest user by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalData: + description: Guest User Suspend's additionalData. + elements: dict + suboptions: + name: + description: Guest User Suspend's name. + type: str + value: + description: Guest User Suspend's value. + type: str + type: list + id: + description: Id path parameter. + type: str + name: + description: Name path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + guest_user.GuestUser.suspend_guest_user_by_id, + guest_user.GuestUser.suspend_guest_user_by_name, + + - Paths used are + put /ers/config/guestuser/suspend/name/{name}, + put /ers/config/guestuser/suspend/{id}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.guest_user_suspend: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + +- name: Update by id + cisco.ise.guest_user_suspend: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + additionalData: + - name: reason + value: reason + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/hotpatch_info.py b/ansible_collections/cisco/ise/plugins/modules/hotpatch_info.py new file mode 100644 index 00000000..90d37d15 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/hotpatch_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: hotpatch_info +short_description: Information module for Hotpatch +description: +- Get all Hotpatch. +- List all the installed hot patches in the system. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Patching + description: Complete reference of the Patching API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!patch-and-hot-patch-openapi +notes: + - SDK Method used are + patching.Patching.list_installed_hotpatches, + + - Paths used are + get /api/v1/hotpatch, + +""" + +EXAMPLES = r""" +- name: Get all Hotpatch + cisco.ise.hotpatch_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "hotpatchName": "string", + "installDate": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/hotpatch_install.py b/ansible_collections/cisco/ise/plugins/modules/hotpatch_install.py new file mode 100644 index 00000000..d4cef09b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/hotpatch_install.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: hotpatch_install +short_description: Resource module for Hotpatch Install +description: +- Manage operation create of the resource Hotpatch Install. +- > + Triggers hot patch installation on the Cisco ISE node. A task ID is returned which can be used to monitor the progress of the hot patch installation + process. As hot patch installation triggers the Cisco ISE to restart, the task API becomes unavailable for a certain period of time. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hotpatchName: + description: Hotpatch Install's hotpatchName. + type: str + repositoryName: + description: Hotpatch Install's repositoryName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Patching + description: Complete reference of the Patching API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!patch-and-hot-patch-openapi +notes: + - SDK Method used are + patching.Patching.install_hotpatch, + + - Paths used are + post /api/v1/hotpatch/install, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.hotpatch_install: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hotpatchName: string + repositoryName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/hotpatch_rollback.py b/ansible_collections/cisco/ise/plugins/modules/hotpatch_rollback.py new file mode 100644 index 00000000..d1ce43a8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/hotpatch_rollback.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: hotpatch_rollback +short_description: Resource module for Hotpatch Rollback +description: +- Manage operation create of the resource Hotpatch Rollback. +- > + Triggers hot patch rollback on the Cisco ISE node. A task ID is returned which can be used to monitor the progress of the hot patch rollback process. As + hot patch rollback triggers the Cisco ISE to restart, the task API becomes unavailable for a certain period of time. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hotpatchName: + description: Hotpatch Rollback's hotpatchName. + type: str + repositoryName: + description: Hotpatch Rollback's repositoryName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Patching + description: Complete reference of the Patching API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!patch-and-hot-patch-openapi +notes: + - SDK Method used are + patching.Patching.rollback_hotpatch, + + - Paths used are + post /api/v1/hotpatch/rollback, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.hotpatch_rollback: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hotpatchName: string + repositoryName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/hotspot_portal.py b/ansible_collections/cisco/ise/plugins/modules/hotspot_portal.py new file mode 100644 index 00000000..aa7f5591 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/hotspot_portal.py @@ -0,0 +1,546 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: hotspot_portal +short_description: Resource module for Hotspot Portal +description: +- Manage operations create, update and delete of the resource Hotspot Portal. +- This API creates a hotspot portal. +- This API deletes a hotspot portal by ID. +- This API allows the client to update a hotspot portal by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customizations: + description: Defines all of the Portal Customizations available. + suboptions: + globalCustomizations: + description: Hotspot Portal's globalCustomizations. + suboptions: + backgroundImage: + description: Hotspot Portal's backgroundImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerImage: + description: Hotspot Portal's bannerImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerTitle: + description: Hotspot Portal's bannerTitle. + type: str + contactText: + description: Hotspot Portal's contactText. + type: str + desktopLogoImage: + description: Hotspot Portal's desktopLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + footerElement: + description: Hotspot Portal's footerElement. + type: str + mobileLogoImage: + description: Hotspot Portal's mobileLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + type: dict + language: + description: This property is supported only for Read operation and it allows + to show the customizations in English. Other languages are not supported. + suboptions: + viewLanguage: + description: Hotspot Portal's viewLanguage. + type: str + type: dict + pageCustomizations: + description: Hotspot Portal's pageCustomizations. + suboptions: + data: + description: Hotspot Portal's data. + elements: dict + suboptions: + key: + description: Hotspot Portal's key. + type: str + value: + description: Hotspot Portal's value. + type: str + type: list + type: dict + portalTheme: + description: Defines the configuration for portal theme. + suboptions: + id: + description: The unique internal identifier of the portal theme. + type: str + name: + description: The system- or user-assigned name of the portal theme. + type: str + themeData: + description: A CSS file, represented as a Base64-encoded byte array. + type: str + type: dict + portalTweakSettings: + description: The Tweak Settings are a customization of the Portal Theme that + has been selected for the portal. When the Portal Theme selection is changed, + the Tweak Settings are overwritten to match the values in the theme. The Tweak + Settings can subsequently be changed by the user. + suboptions: + bannerColor: + description: Hex value of color. + type: str + bannerTextColor: + description: Hotspot Portal's bannerTextColor. + type: str + pageBackgroundColor: + description: Hotspot Portal's pageBackgroundColor. + type: str + pageLabelAndTextColor: + description: Hotspot Portal's pageLabelAndTextColor. + type: str + type: dict + type: dict + description: + description: Hotspot Portal's description. + type: str + id: + description: Hotspot Portal's id. + type: str + name: + description: Hotspot Portal's name. + type: str + portalTestUrl: + description: URL to bring up a test page for this portal. + type: str + portalType: + description: Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, + - SPONSOR, - SPONSOREDGUEST. + type: str + settings: + description: Defines all of the settings groups available for a BYOD. + suboptions: + aupSettings: + description: Configuration of the Acceptable Use Policy (AUP) for a portal. + suboptions: + accessCode: + description: Access code that must be entered by the portal user (only valid + if requireAccessCode = true). + type: str + includeAup: + description: Require the portal user to read and accept an AUP. + type: bool + requireAccessCode: + description: Require the portal user to enter an access code. Only used + in Hotspot portal. + type: bool + requireScrolling: + description: Require the portal user to scroll to the end of the AUP. Only + valid if requireAupAcceptance = true. + type: bool + type: dict + authSuccessSettings: + description: Hotspot Portal's authSuccessSettings. + suboptions: + redirectUrl: + description: Target URL for redirection, used when successRedirect = URL. + type: str + successRedirect: + description: After an Authentication Success where should device be redirected. + Allowed values - AUTHSUCCESSPAGE, - ORIGINATINGURL, - URL. + type: str + type: dict + portalSettings: + description: The port, interface, certificate, and other basic settings of a + portal. + suboptions: + allowedInterfaces: + description: Interfaces that the portal will be reachable on. Allowed values + - eth0 - eth1 - eth2 - eth3 - eth4 - eth5 - bond0 - bond1 - bond2. + elements: str + type: list + alwaysUsedLanguage: + description: Used when displayLang = ALWAYSUSE. + type: str + certificateGroupTag: + description: Logical name of the x.509 server certificate that will be used + for the portal. + type: str + coaType: + description: Allowed Values - COAREAUTHENTICATE, - COATERMINATE. + type: str + displayLang: + description: Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. + type: str + endpointIdentityGroup: + description: Unique Id of the endpoint identity group where user's devices + will be added. Used only in Hotspot Portal. + type: str + fallbackLanguage: + description: Used when displayLang = USEBROWSERLOCALE. + type: str + httpsPort: + description: The port number that the allowed interfaces will listen on. + Range from 8000 to 8999. + type: int + type: dict + postAccessBannerSettings: + description: Hotspot Portal's postAccessBannerSettings. + suboptions: + includePostAccessBanner: + description: IncludePostAccessBanner flag. + type: bool + type: dict + postLoginBannerSettings: + description: Hotspot Portal's postLoginBannerSettings. + suboptions: + includePostAccessBanner: + description: Include a Post-Login Banner page. + type: bool + type: dict + supportInfoSettings: + description: Portal Support Information Settings. + suboptions: + defaultEmptyFieldValue: + description: The default value displayed for an empty field. Only valid + when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. + type: str + emptyFieldDisplay: + description: Specifies how empty fields are handled on the Support Information + Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. + type: str + includeBrowserUserAgent: + description: IncludeBrowserUserAgent flag. + type: bool + includeFailureCode: + description: IncludeFailureCode flag. + type: bool + includeIpAddress: + description: IncludeIpAddress flag. + type: bool + includeMacAddr: + description: IncludeMacAddr flag. + type: bool + includePolicyServer: + description: IncludePolicyServer flag. + type: bool + includeSupportInfoPage: + description: IncludeSupportInfoPage flag. + type: bool + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + hotspot_portal.HotspotPortal.create_hotspot_portal, + hotspot_portal.HotspotPortal.delete_hotspot_portal_by_id, + hotspot_portal.HotspotPortal.update_hotspot_portal_by_id, + + - Paths used are + post /ers/config/hotspotportal, + delete /ers/config/hotspotportal/{id}, + put /ers/config/hotspotportal/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.hotspot_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + accessCode: string + includeAup: true + requireAccessCode: true + requireScrolling: true + authSuccessSettings: + redirectUrl: string + successRedirect: string + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + certificateGroupTag: string + coaType: string + displayLang: string + endpointIdentityGroup: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +- name: Delete by id + cisco.ise.hotspot_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.hotspot_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + accessCode: string + includeAup: true + requireAccessCode: true + requireScrolling: true + authSuccessSettings: + redirectUrl: string + successRedirect: string + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + certificateGroupTag: string + coaType: string + displayLang: string + endpointIdentityGroup: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "coaType": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "aupSettings": { + "requireAccessCode": true, + "accessCode": "string", + "includeAup": true, + "requireScrolling": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/hotspot_portal_info.py b/ansible_collections/cisco/ise/plugins/modules/hotspot_portal_info.py new file mode 100644 index 00000000..e2cbb748 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/hotspot_portal_info.py @@ -0,0 +1,309 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: hotspot_portal_info +short_description: Information module for Hotspot Portal +description: +- Get all Hotspot Portal. +- Get Hotspot Portal by id. +- This API allows the client to get a hotspot portal by ID. +- This API allows the client to get all the hotspot portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + hotspot_portal.HotspotPortal.get_hotspot_portal_by_id, + hotspot_portal.HotspotPortal.get_hotspot_portal_generator, + + - Paths used are + get /ers/config/hotspotportal, + get /ers/config/hotspotportal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Hotspot Portal + cisco.ise.hotspot_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Hotspot Portal by id + cisco.ise.hotspot_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "coaType": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "aupSettings": { + "requireAccessCode": true, + "accessCode": "string", + "includeAup": true, + "requireScrolling": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "coaType": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "aupSettings": { + "requireAccessCode": true, + "accessCode": "string", + "includeAup": true, + "requireScrolling": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/id_store_sequence.py b/ansible_collections/cisco/ise/plugins/modules/id_store_sequence.py new file mode 100644 index 00000000..259f25ae --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/id_store_sequence.py @@ -0,0 +1,161 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: id_store_sequence +short_description: Resource module for Id Store Sequence +description: +- Manage operations create, update and delete of the resource Id Store Sequence. +- This API creates an identity sequence. +- This API deletes an identity sequence. +- This API allows the client to update an identity sequence. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + breakOnStoreFail: + description: BreakOnStoreFail flag. + type: bool + certificateAuthenticationProfile: + description: Id Store Sequence's certificateAuthenticationProfile. + type: str + description: + description: Id Store Sequence's description. + type: str + id: + description: Id Store Sequence's id. + type: str + idSeqItem: + description: Id Store Sequence's idSeqItem. + elements: dict + suboptions: + idstore: + description: Id Store Sequence's idstore. + type: str + order: + description: Id Store Sequence's order. + type: int + type: list + name: + description: Id Store Sequence's name. + type: str + parent: + description: Id Store Sequence's parent. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IdentitySequence + description: Complete reference of the IdentitySequence API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!idstoresequence +notes: + - SDK Method used are + identity_sequence.IdentitySequence.create_identity_sequence, + identity_sequence.IdentitySequence.delete_identity_sequence_by_id, + identity_sequence.IdentitySequence.update_identity_sequence_by_id, + + - Paths used are + post /ers/config/idstoresequence, + delete /ers/config/idstoresequence/{id}, + put /ers/config/idstoresequence/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.id_store_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + breakOnStoreFail: true + certificateAuthenticationProfile: string + description: string + id: string + idSeqItem: + - idstore: string + order: 0 + name: string + parent: string + +- name: Delete by id + cisco.ise.id_store_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.id_store_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + breakOnStoreFail: true + certificateAuthenticationProfile: string + description: string + idSeqItem: + - idstore: string + order: 0 + name: string + parent: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "parent": "string", + "idSeqItem": [ + { + "idstore": "string", + "order": 0 + } + ], + "certificateAuthenticationProfile": "string", + "breakOnStoreFail": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/id_store_sequence_info.py b/ansible_collections/cisco/ise/plugins/modules/id_store_sequence_info.py new file mode 100644 index 00000000..16e99cfb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/id_store_sequence_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: id_store_sequence_info +short_description: Information module for Id Store Sequence +description: +- Get all Id Store Sequence. +- Get Id Store Sequence by id. +- Get Id Store Sequence by name. +- This API allows the client to get all the identity sequences. +- This API allows the client to get an identity sequence by ID. +- This API allows the client to get an identity sequence by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IdentitySequence + description: Complete reference of the IdentitySequence API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!idstoresequence +notes: + - SDK Method used are + identity_sequence.IdentitySequence.get_identity_sequence_by_id, + identity_sequence.IdentitySequence.get_identity_sequence_by_name, + identity_sequence.IdentitySequence.get_identity_sequence_generator, + + - Paths used are + get /ers/config/idstoresequence, + get /ers/config/idstoresequence/name/{name}, + get /ers/config/idstoresequence/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Id Store Sequence + cisco.ise.id_store_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Id Store Sequence by id + cisco.ise.id_store_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Id Store Sequence by name + cisco.ise.id_store_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "parent": "string", + "idSeqItem": [ + { + "idstore": "string", + "order": 0 + } + ], + "certificateAuthenticationProfile": "string", + "breakOnStoreFail": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "parent": "string", + "idSeqItem": [ + { + "idstore": "string", + "order": 0 + } + ], + "certificateAuthenticationProfile": "string", + "breakOnStoreFail": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/identity_group.py b/ansible_collections/cisco/ise/plugins/modules/identity_group.py new file mode 100644 index 00000000..c9e017ad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/identity_group.py @@ -0,0 +1,114 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: identity_group +short_description: Resource module for Identity Group +description: +- Manage operations create and update of the resource Identity Group. +- This API creates an identity group. +- This API allows the client to update an identity group. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Identity Group's description. + type: str + id: + description: Identity Group's id. + type: str + name: + description: Identity Group's name. + type: str + parent: + description: Identity Group's parent. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IdentityGroups + description: Complete reference of the IdentityGroups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!identitygroup +notes: + - SDK Method used are + identity_groups.IdentityGroups.create_identity_group, + identity_groups.IdentityGroups.update_identity_group_by_id, + + - Paths used are + post /ers/config/identitygroup, + put /ers/config/identitygroup/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.identity_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + parent: string + +- name: Create + cisco.ise.identity_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + name: string + parent: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "parent": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/identity_group_info.py b/ansible_collections/cisco/ise/plugins/modules/identity_group_info.py new file mode 100644 index 00000000..460a381e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/identity_group_info.py @@ -0,0 +1,166 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: identity_group_info +short_description: Information module for Identity Group +description: +- Get all Identity Group. +- Get Identity Group by id. +- Get Identity Group by name. +- This API allows the client to get all the identity groups. +- This API allows the client to get an identity group by ID. +- This API allows the client to get an identity group by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IdentityGroups + description: Complete reference of the IdentityGroups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!identitygroup +notes: + - SDK Method used are + identity_groups.IdentityGroups.get_identity_group_by_id, + identity_groups.IdentityGroups.get_identity_group_by_name, + identity_groups.IdentityGroups.get_identity_groups_generator, + + - Paths used are + get /ers/config/identitygroup, + get /ers/config/identitygroup/name/{name}, + get /ers/config/identitygroup/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Identity Group + cisco.ise.identity_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Identity Group by id + cisco.ise.identity_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Identity Group by name + cisco.ise.identity_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "parent": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "parent": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/internal_user.py b/ansible_collections/cisco/ise/plugins/modules/internal_user.py new file mode 100644 index 00000000..4769df6b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/internal_user.py @@ -0,0 +1,229 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: internal_user +short_description: Resource module for Internal User +description: +- Manage operations create, update and delete of the resource Internal User. +- This API creates an internal user. +- This API deletes an internal user by ID. +- This API deletes an internal user by name. +- This API allows the client to update an internal user by ID. +- This API allows the client to update an internal user by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + changePassword: + description: ChangePassword flag. + type: bool + customAttributes: + description: Key value map. + type: dict + description: + description: Internal User's description. + type: str + email: + description: Internal User's email. + type: str + enablePassword: + description: Internal User's enablePassword. + type: str + enabled: + description: Whether the user is enabled/disabled. To use it as filter, the values + should be 'Enabled' or 'Disabled'. The values are case sensitive. For example, + 'ERSObjectURL?filter=enabled.EQ.Enabled'. + type: bool + expiryDate: + description: To store the internal user's expiry date information. It's format is + = 'YYYY-MM-DD'. + type: str + expiryDateEnabled: + description: ExpiryDateEnabled flag. + type: bool + firstName: + description: Internal User's firstName. + type: str + id: + description: Internal User's id. + type: str + identityGroups: + description: CSV of identity group IDs. + type: str + lastName: + description: Internal User's lastName. + type: str + name: + description: Internal User's name. + type: str + password: + description: Internal User's password. + type: str + passwordIDStore: + description: The id store where the internal user's password is kept. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + internal_user.InternalUser.create_internal_user, + internal_user.InternalUser.delete_internal_user_by_id, + internal_user.InternalUser.delete_internal_user_by_name, + internal_user.InternalUser.update_internal_user_by_id, + internal_user.InternalUser.update_internal_user_by_name, + + - Paths used are + post /ers/config/internaluser, + delete /ers/config/internaluser/name/{name}, + delete /ers/config/internaluser/{id}, + put /ers/config/internaluser/name/{name}, + put /ers/config/internaluser/{id}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.internal_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + changePassword: true + customAttributes: {} + description: string + email: string + enablePassword: string + enabled: true + expiryDate: string + expiryDateEnabled: true + firstName: string + id: string + identityGroups: string + lastName: string + name: string + password: string + passwordIDStore: string + +- name: Delete by name + cisco.ise.internal_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +- name: Update by id + cisco.ise.internal_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + changePassword: true + customAttributes: {} + description: string + email: string + enablePassword: string + enabled: true + expiryDate: string + expiryDateEnabled: true + firstName: string + id: string + identityGroups: string + lastName: string + name: string + password: string + passwordIDStore: string + +- name: Delete by id + cisco.ise.internal_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.internal_user: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + changePassword: true + customAttributes: {} + description: string + email: string + enablePassword: string + enabled: true + expiryDate: string + expiryDateEnabled: true + firstName: string + identityGroups: string + lastName: string + name: string + password: string + passwordIDStore: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "enabled": true, + "email": "string", + "password": "string", + "firstName": "string", + "lastName": "string", + "changePassword": true, + "identityGroups": "string", + "expiryDateEnabled": true, + "expiryDate": "string", + "enablePassword": "string", + "customAttributes": {}, + "passwordIDStore": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/internal_user_info.py b/ansible_collections/cisco/ise/plugins/modules/internal_user_info.py new file mode 100644 index 00000000..7f90f383 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/internal_user_info.py @@ -0,0 +1,184 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: internal_user_info +short_description: Information module for Internal User +description: +- Get all Internal User. +- Get Internal User by id. +- Get Internal User by name. +- This API allows the client to get all the internal users. +- This API allows the client to get an internal user by ID. +- This API allows the client to get an internal user by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + internal_user.InternalUser.get_internal_user_by_id, + internal_user.InternalUser.get_internal_user_by_name, + internal_user.InternalUser.get_internal_user_generator, + + - Paths used are + get /ers/config/internaluser, + get /ers/config/internaluser/name/{name}, + get /ers/config/internaluser/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Internal User + cisco.ise.internal_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Internal User by id + cisco.ise.internal_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Internal User by name + cisco.ise.internal_user_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "enabled": true, + "email": "string", + "password": "string", + "firstName": "string", + "lastName": "string", + "changePassword": true, + "identityGroups": "string", + "expiryDateEnabled": true, + "expiryDate": "string", + "enablePassword": "string", + "customAttributes": {}, + "passwordIDStore": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "enabled": true, + "email": "string", + "password": "string", + "firstName": "string", + "lastName": "string", + "changePassword": true, + "identityGroups": "string", + "expiryDateEnabled": true, + "expiryDate": "string", + "enablePassword": "string", + "customAttributes": {}, + "passwordIDStore": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/ise_root_ca_regenerate.py b/ansible_collections/cisco/ise/plugins/modules/ise_root_ca_regenerate.py new file mode 100644 index 00000000..2eb5f7e0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/ise_root_ca_regenerate.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: ise_root_ca_regenerate +short_description: Resource module for Ise Root CA Regenerate +description: +- Manage operation create of the resource Ise Root CA Regenerate. +- This API initiates regeneration of Cisco ISE root CA certificate chain. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + removeExistingISEIntermediateCSR: + description: Setting this attribute to true removes existing Cisco ISE Intermediate + CSR. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.regenerate_ise_root_ca, + + - Paths used are + post /api/v1/certs/ise-root-ca/regenerate, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.ise_root_ca_regenerate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + removeExistingISEIntermediateCSR: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_connection_type_info.py b/ansible_collections/cisco/ise/plugins/modules/licensing_connection_type_info.py new file mode 100644 index 00000000..f5cbe33a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_connection_type_info.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_connection_type_info +short_description: Information module for Licensing Connection Type +description: +- Get all Licensing Connection Type. +- Get connection type. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.get_connection_type, + + - Paths used are + get /api/v1/license/system/connection-type, + +""" + +EXAMPLES = r""" +- name: Get all Licensing Connection Type + cisco.ise.licensing_connection_type_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "connectionType": "string", + "state": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_eval_license_info.py b/ansible_collections/cisco/ise/plugins/modules/licensing_eval_license_info.py new file mode 100644 index 00000000..5f4f2067 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_eval_license_info.py @@ -0,0 +1,55 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_eval_license_info +short_description: Information module for Licensing Eval License +description: +- Get all Licensing Eval License. +- Get registration information. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.get_eval_license_info, + + - Paths used are + get /api/v1/license/system/eval-license, + +""" + +EXAMPLES = r""" +- name: Get all Licensing Eval License + cisco.ise.licensing_eval_license_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "daysRemaining": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_feature_to_tier_mapping_info.py b/ansible_collections/cisco/ise/plugins/modules/licensing_feature_to_tier_mapping_info.py new file mode 100644 index 00000000..28227901 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_feature_to_tier_mapping_info.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_feature_to_tier_mapping_info +short_description: Information module for Licensing Feature To Tier Mapping +description: +- Get all Licensing Feature To Tier Mapping. +- Get feature to tier mapping. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.get_feature_to_tier_mapping, + + - Paths used are + get /api/v1/license/system/feature-to-tier-mapping, + +""" + +EXAMPLES = r""" +- name: Get all Licensing Feature To Tier Mapping + cisco.ise.licensing_feature_to_tier_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "featureName": [ + "string" + ], + "tier": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_registration_create.py b/ansible_collections/cisco/ise/plugins/modules/licensing_registration_create.py new file mode 100644 index 00000000..29712189 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_registration_create.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_registration_create +short_description: Resource module for Licensing Registration Create +description: +- Manage operation create of the resource Licensing Registration Create. +- License - Configure registration information. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + connectionType: + description: Licensing Registration Create's connectionType. + type: str + registrationType: + description: Licensing Registration Create's registrationType. + type: str + ssmOnPremServer: + description: If connection type is selected as SSM_ONPREM_SERVER, then IP address + or the hostname (or FQDN) of the SSM On-Prem server Host. + type: str + tier: + description: Licensing Registration Create's tier. + elements: str + type: list + token: + description: Token. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.create_registration_info, + + - Paths used are + post /api/v1/license/system/register, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.licensing_registration_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + connectionType: string + registrationType: string + ssmOnPremServer: string + tier: + - string + token: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: str + sample: > + "'string'" +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_registration_info.py b/ansible_collections/cisco/ise/plugins/modules/licensing_registration_info.py new file mode 100644 index 00000000..121e1038 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_registration_info.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_registration_info +short_description: Information module for Licensing Registration +description: +- Get all Licensing Registration. +- Get registration information. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.get_registration_info, + + - Paths used are + get /api/v1/license/system/register, + +""" + +EXAMPLES = r""" +- name: Get all Licensing Registration + cisco.ise.licensing_registration_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "connectionType": "string", + "registrationState": "string", + "ssmOnPremServer": "string", + "tier": [ + "string" + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_create.py b/ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_create.py new file mode 100644 index 00000000..73c71772 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_create.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_smart_state_create +short_description: Resource module for Licensing Smart State Create +description: +- Manage operation create of the resource Licensing Smart State Create. +- License - Configure smart state information. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.configure_smart_state, + + - Paths used are + post /api/v1/license/system/smart-state, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.licensing_smart_state_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: str + sample: > + "'string'" +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_info.py b/ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_info.py new file mode 100644 index 00000000..0267753d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_smart_state_info.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_smart_state_info +short_description: Information module for Licensing Smart State +description: +- Get all Licensing Smart State. +- Get smart license information. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.get_smart_state, + + - Paths used are + get /api/v1/license/system/smart-state, + +""" + +EXAMPLES = r""" +- name: Get all Licensing Smart State + cisco.ise.licensing_smart_state_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "connectionType": "string", + "state": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_create.py b/ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_create.py new file mode 100644 index 00000000..b48863dc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_create.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_tier_state_create +short_description: Resource module for Licensing Tier State Create +description: +- Manage operation create of the resource Licensing Tier State Create. +- Applicable values for **name** & **status** parameters. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Licensing Tier State Create's payload. + elements: dict + suboptions: + name: + description: Licensing Tier State Create's name. + type: str + status: + description: Licensing Tier State Create's status. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.update_tier_state_info, + + - Paths used are + post /api/v1/license/system/tier-state, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.licensing_tier_state_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - name: string + status: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": [ + { + "message": "string", + "name": "string", + "status": "string" + } + ], + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_info.py b/ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_info.py new file mode 100644 index 00000000..a85e9ea2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/licensing_tier_state_info.py @@ -0,0 +1,63 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: licensing_tier_state_info +short_description: Information module for Licensing Tier State +description: +- Get all Licensing Tier State. +- Get tier state information. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Licensing + description: Complete reference of the Licensing API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!license-openapi +notes: + - SDK Method used are + licensing.Licensing.get_tier_state_info, + + - Paths used are + get /api/v1/license/system/tier-state, + +""" + +EXAMPLES = r""" +- name: Get all Licensing Tier State + cisco.ise.licensing_tier_state_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "compliance": "string", + "consumptionCounter": 0, + "daysOutOfCompliance": "string", + "lastAuthorization": "string", + "name": "string", + "status": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_account_status_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_account_status_info.py new file mode 100644 index 00000000..f17ae253 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_account_status_info.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_account_status_info +short_description: Information module for MNT Account Status +description: +- Get MNT Account Status by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + mac: + description: + - Mac path parameter. + type: str + duration: + description: + - Duration path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_account_status_by_mac, + + - Paths used are + get /AcctStatus/MACAddress/{mac}/{duration}, + +""" + +EXAMPLES = r""" +- name: Get MNT Account Status by id + cisco.ise.mnt_account_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + mac: string + duration: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_athentication_status_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_athentication_status_info.py new file mode 100644 index 00000000..6a6d498f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_athentication_status_info.py @@ -0,0 +1,65 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_athentication_status_info +short_description: Information module for Mnt Athentication Status +description: +- Get all Mnt Athentication Status. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + MAC: + description: + - MAC path parameter. + type: str + SECONDS: + description: + - SECONDS path parameter. + type: str + RECORDS: + description: + - RECORDS path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_authentication_status_by_mac, + + - Paths used are + get /AuthStatus/MACAddress/{MAC}/{SECONDS}/{RECORDS}/All, +seealso: +# Reference by module name +- module: cisco.ise.mnt_authentication_status_info +""" + +EXAMPLES = r""" +- name: Get all Mnt Athentication Status + cisco.ise.mnt_athentication_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + MAC: string + SECONDS: string + RECORDS: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: + - {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_authentication_status_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_authentication_status_info.py new file mode 100644 index 00000000..fb1b30fb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_authentication_status_info.py @@ -0,0 +1,63 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_authentication_status_info +short_description: Information module for MNT Authentication Status +description: +- Get all MNT Authentication Status. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + MAC: + description: + - MAC path parameter. + type: str + SECONDS: + description: + - SECONDS path parameter. + type: str + RECORDS: + description: + - RECORDS path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_authentication_status_by_mac, + + - Paths used are + get /AuthStatus/MACAddress/{MAC}/{SECONDS}/{RECORDS}/All, + +""" + +EXAMPLES = r""" +- name: Get all MNT Authentication Status + cisco.ise.mnt_authentication_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + MAC: string + SECONDS: string + RECORDS: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_failure_reasons_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_failure_reasons_info.py new file mode 100644 index 00000000..53e936d1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_failure_reasons_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_failure_reasons_info +short_description: Information module for MNT Failure Reasons +description: +- Get all MNT Failure Reasons. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_failure_reasons, + + - Paths used are + get /FailureReasons, + +""" + +EXAMPLES = r""" +- name: Get all MNT Failure Reasons + cisco.ise.mnt_failure_reasons_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_active_count_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_active_count_info.py new file mode 100644 index 00000000..c2ffbff8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_active_count_info.py @@ -0,0 +1,50 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_active_count_info +short_description: Information module for MNT Session Active Count +description: +- Get all MNT Session Active Count. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_active_count, + + - Paths used are + get /Session/ActiveCount, + +""" + +EXAMPLES = r""" +- name: Get all MNT Session Active Count + cisco.ise.mnt_session_active_count_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "count": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_active_list_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_active_list_info.py new file mode 100644 index 00000000..352e09bf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_active_list_info.py @@ -0,0 +1,50 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_active_list_info +short_description: Information module for MNT Session Active List +description: +- Get all MNT Session Active List. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_active_list, + + - Paths used are + get /Session/ActiveList, + +""" + +EXAMPLES = r""" +- name: Get all MNT Session Active List + cisco.ise.mnt_session_active_list_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "noOfActiveSession": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_auth_list_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_auth_list_info.py new file mode 100644 index 00000000..716b60cd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_auth_list_info.py @@ -0,0 +1,50 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_auth_list_info +short_description: Information module for MNT Session Auth List +description: +- Get all MNT Session Auth List. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_session_auth_list, + + - Paths used are + get /Session/AuthList/null/null, + +""" + +EXAMPLES = r""" +- name: Get all MNT Session Auth List + cisco.ise.mnt_session_auth_list_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "noOfActiveSession": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_ip_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_ip_info.py new file mode 100644 index 00000000..f908a7a6 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_ip_info.py @@ -0,0 +1,53 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_by_ip_info +short_description: Information module for MNT Session By Ip +description: +- Get MNT Session By Ip by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + endpoint_ipv4: + description: + - Endpoint_ipv4 path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_sessions_by_endpoint_ip, + + - Paths used are + get /Session/EndPointIPAddress/{endpoint_ipv4}, + +""" + +EXAMPLES = r""" +- name: Get MNT Session By Ip by id + cisco.ise.mnt_session_by_ip_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + endpoint_ipv4: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_mac_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_mac_info.py new file mode 100644 index 00000000..754aebbc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_mac_info.py @@ -0,0 +1,53 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_by_mac_info +short_description: Information module for MNT Session By Mac +description: +- Get MNT Session By Mac by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + mac: + description: + - Mac path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_sessions_by_mac, + + - Paths used are + get /Session/MACAddress/{mac}, + +""" + +EXAMPLES = r""" +- name: Get MNT Session By Mac by id + cisco.ise.mnt_session_by_mac_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + mac: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_nas_ip_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_nas_ip_info.py new file mode 100644 index 00000000..09f23798 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_nas_ip_info.py @@ -0,0 +1,53 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_by_nas_ip_info +short_description: Information module for MNT Session By Nas Ip +description: +- Get MNT Session By Nas Ip by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + nas_ipv4: + description: + - Nas_ipv4 path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_sessions_by_nas_ip, + + - Paths used are + get /Session/IPAddress/{nas_ipv4}, + +""" + +EXAMPLES = r""" +- name: Get MNT Session By Nas Ip by id + cisco.ise.mnt_session_by_nas_ip_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + nas_ipv4: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_username_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_username_info.py new file mode 100644 index 00000000..81c75049 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_by_username_info.py @@ -0,0 +1,53 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_by_username_info +short_description: Information module for MNT Session By Username +description: +- Get MNT Session By Username by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + username: + description: + - Username path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_sessions_by_username, + + - Paths used are + get /Session/UserName/{username}, + +""" + +EXAMPLES = r""" +- name: Get MNT Session By Username by name + cisco.ise.mnt_session_by_username_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + username: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_delete_all.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_delete_all.py new file mode 100644 index 00000000..a9df0152 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_delete_all.py @@ -0,0 +1,47 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_delete_all +short_description: Resource module for MNT Session Delete All +description: +- Manage operation delete of the resource MNT Session Delete All. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.delete_all_sessions, + + - Paths used are + delete /Session/Delete/All, + +""" + +EXAMPLES = r""" +- name: Delete all + cisco.ise.mnt_session_delete_all: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_disconnect_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_disconnect_info.py new file mode 100644 index 00000000..5f1be8c8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_disconnect_info.py @@ -0,0 +1,73 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_disconnect_info +short_description: Information module for MNT Session Disconnect +description: +- Get MNT Session Disconnect by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + ENDPOINT_IP: + description: + - ENDPOINT_IP path parameter. + type: str + PSN_NAME: + description: + - PSN_NAME path parameter. + type: str + MAC: + description: + - MAC path parameter. + type: str + DISCONNECT_TYPE: + description: + - DISCONNECT_TYPE path parameter. + type: str + NAS_IPV4: + description: + - NAS_IPV4 path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.session_disconnect, + + - Paths used are + get /CoA/Disconnect/{PSN_NAME}/{MAC}/{DISCONNECT_TYPE}/{NAS_IPV4}/{{ENDPOINT_IP}}, + +""" + +EXAMPLES = r""" +- name: Get MNT Session Disconnect by id + cisco.ise.mnt_session_disconnect_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + ENDPOINT_IP: string + PSN_NAME: string + MAC: string + DISCONNECT_TYPE: string + NAS_IPV4: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_posture_count_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_posture_count_info.py new file mode 100644 index 00000000..5c8869a9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_posture_count_info.py @@ -0,0 +1,50 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_posture_count_info +short_description: Information module for MNT Session Posture Count +description: +- Get all MNT Session Posture Count. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_posture_count, + + - Paths used are + get /Session/PostureCount, + +""" + +EXAMPLES = r""" +- name: Get all MNT Session Posture Count + cisco.ise.mnt_session_posture_count_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "count": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_profiler_count_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_profiler_count_info.py new file mode 100644 index 00000000..5a8db7de --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_profiler_count_info.py @@ -0,0 +1,50 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_profiler_count_info +short_description: Information module for MNT Session Profiler Count +description: +- Get all MNT Session Profiler Count. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_profiler_count, + + - Paths used are + get /Session/ProfilerCount, + +""" + +EXAMPLES = r""" +- name: Get all MNT Session Profiler Count + cisco.ise.mnt_session_profiler_count_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "count": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_session_reauthentication_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_session_reauthentication_info.py new file mode 100644 index 00000000..d0516ee4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_session_reauthentication_info.py @@ -0,0 +1,63 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_session_reauthentication_info +short_description: Information module for MNT Session Reauthentication +description: +- Get MNT Session Reauthentication by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + PSN_NAME: + description: + - PSN_NAME path parameter. + type: str + ENDPOINT_MAC: + description: + - ENDPOINT_MAC path parameter. + type: str + REAUTH_TYPE: + description: + - REAUTH_TYPE path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.session_reauthentication_by_mac, + + - Paths used are + get /CoA/Reauth/{PSN_NAME}/{ENDPOINT_MAC}/{REAUTH_TYPE}, + +""" + +EXAMPLES = r""" +- name: Get MNT Session Reauthentication by id + cisco.ise.mnt_session_reauthentication_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + PSN_NAME: string + ENDPOINT_MAC: string + REAUTH_TYPE: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_sessions_by_session_id_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_sessions_by_session_id_info.py new file mode 100644 index 00000000..d614bab8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_sessions_by_session_id_info.py @@ -0,0 +1,53 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_sessions_by_session_id_info +short_description: Information module for MNT Sessions By Session Id +description: +- Get all MNT Sessions By Session Id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + session_id: + description: + - Session_id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_sessions_by_session_id, + + - Paths used are + get /Session/Active/SessionID/{session_id}/0, + +""" + +EXAMPLES = r""" +- name: Get all MNT Sessions By Session Id + cisco.ise.mnt_sessions_by_session_id_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + session_id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/mnt_version_info.py b/ansible_collections/cisco/ise/plugins/modules/mnt_version_info.py new file mode 100644 index 00000000..7217600d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/mnt_version_info.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: mnt_version_info +short_description: Information module for MNT Version +description: +- Get all MNT Version. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + misc.Misc.get_mnt_version, + + - Paths used are + get /Version, + +""" + +EXAMPLES = r""" +- name: Get all MNT Version + cisco.ise.mnt_version_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "name": "string", + "version": "string", + "type_of_node": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/my_device_portal.py b/ansible_collections/cisco/ise/plugins/modules/my_device_portal.py new file mode 100644 index 00000000..bdec90ad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/my_device_portal.py @@ -0,0 +1,593 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: my_device_portal +short_description: Resource module for My Device Portal +description: +- Manage operations create, update and delete of the resource My Device Portal. +- This API creates a my device portal. +- This API deletes a my device portal by ID. +- This API allows the client to update a my device portal by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customizations: + description: Defines all of the Portal Customizations available. + suboptions: + globalCustomizations: + description: My Device Portal's globalCustomizations. + suboptions: + backgroundImage: + description: My Device Portal's backgroundImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerImage: + description: My Device Portal's bannerImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerTitle: + description: My Device Portal's bannerTitle. + type: str + contactText: + description: My Device Portal's contactText. + type: str + desktopLogoImage: + description: My Device Portal's desktopLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + footerElement: + description: My Device Portal's footerElement. + type: str + mobileLogoImage: + description: My Device Portal's mobileLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + type: dict + language: + description: This property is supported only for Read operation and it allows + to show the customizations in English. Other languages are not supported. + suboptions: + viewLanguage: + description: My Device Portal's viewLanguage. + type: str + type: dict + pageCustomizations: + description: Represent the entire page customization as a giant dictionary. + suboptions: + data: + description: The Dictionary will be exposed here as key value pair. + elements: dict + suboptions: + key: + description: My Device Portal's key. + type: str + value: + description: My Device Portal's value. + type: str + type: list + type: dict + portalTheme: + description: My Device Portal's portalTheme. + suboptions: + id: + description: My Device Portal's id. + type: str + name: + description: The system- or user-assigned name of the portal theme. + type: str + themeData: + description: A CSS file, represented as a Base64-encoded byte array. + type: str + type: dict + portalTweakSettings: + description: The Tweak Settings are a customization of the Portal Theme that + has been selected for the portal. When the Portal Theme selection is changed, + the Tweak Settings are overwritten to match the values in the theme. The Tweak + Settings can subsequently be changed by the user. + suboptions: + bannerColor: + description: Hex value of color. + type: str + bannerTextColor: + description: My Device Portal's bannerTextColor. + type: str + pageBackgroundColor: + description: My Device Portal's pageBackgroundColor. + type: str + pageLabelAndTextColor: + description: My Device Portal's pageLabelAndTextColor. + type: str + type: dict + type: dict + description: + description: My Device Portal's description. + type: str + id: + description: My Device Portal's id. + type: str + name: + description: My Device Portal's name. + type: str + portalTestUrl: + description: URL to bring up a test page for this portal. + type: str + portalType: + description: Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, + - SPONSOR, - SPONSOREDGUEST. + type: str + settings: + description: Defines all of the settings groups available for a Mydevice portal. + suboptions: + aupSettings: + description: Configuration of the Acceptable Use Policy (AUP) for a portal. + suboptions: + displayFrequency: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed Values - FIRSTLOGIN, - EVERYLOGIN, + - RECURRING. + type: str + displayFrequencyIntervalDays: + description: Number of days between AUP confirmations (when displayFrequency + = recurring). + type: int + includeAup: + description: Require the portal user to read and accept an AUP. + type: bool + requireScrolling: + description: Require the portal user to scroll to the end of the AUP. Only + valid if requireAupAcceptance = true. + type: bool + type: dict + employeeChangePasswordSettings: + description: My Device Portal's employeeChangePasswordSettings. + suboptions: + allowEmployeeToChangePwd: + description: AllowEmployeeToChangePwd flag. + type: bool + type: dict + loginPageSettings: + description: My Device Portal's loginPageSettings. + suboptions: + aupDisplay: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. + type: str + includeAup: + description: Include an Acceptable Use Policy (AUP) that should be displayed + during login. + type: bool + maxFailedAttemptsBeforeRateLimit: + description: Maximum failed login attempts before rate limiting. + type: int + requireAupAcceptance: + description: Require the portal user to accept the AUP. Only valid if includeAup + = true. + type: bool + requireScrolling: + description: Require the portal user to scroll to the end of the AUP. Only + valid if requireAupAcceptance = true. + type: bool + socialConfigs: + description: My Device Portal's socialConfigs. + elements: dict + type: list + timeBetweenLoginsDuringRateLimit: + description: Time between login attempts when rate limiting. + type: int + type: dict + portalSettings: + description: The port, interface, certificate, and other basic settings of a + portal. + suboptions: + allowedInterfaces: + description: Interfaces that the portal will be reachable on. Allowed values + - eth0, - eth1, - eth2, - eth3, - eth4, - eth5, - bond0, - bond1, - bond2. + elements: str + type: list + alwaysUsedLanguage: + description: My Device Portal's alwaysUsedLanguage. + type: str + certificateGroupTag: + description: Logical name of the x.509 server certificate that will be used + for the portal. + type: str + displayLang: + description: Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. + type: str + endpointIdentityGroup: + description: Unique Id of the endpoint identity group where user's devices + will be added. Used only in Hotspot Portal. + type: str + fallbackLanguage: + description: Used when displayLang = USEBROWSERLOCALE. + type: str + httpsPort: + description: The port number that the allowed interfaces will listen on. + Range from 8000 to 8999. + type: int + type: dict + postAccessBannerSettings: + description: My Device Portal's postAccessBannerSettings. + suboptions: + includePostAccessBanner: + description: IncludePostAccessBanner flag. + type: bool + type: dict + postLoginBannerSettings: + description: My Device Portal's postLoginBannerSettings. + suboptions: + includePostAccessBanner: + description: Include a Post-Login Banner page. + type: bool + type: dict + supportInfoSettings: + description: My Device Portal's supportInfoSettings. + suboptions: + defaultEmptyFieldValue: + description: The default value displayed for an empty field. Only valid + when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. + type: str + emptyFieldDisplay: + description: Specifies how empty fields are handled on the Support Information + Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. + type: str + includeBrowserUserAgent: + description: IncludeBrowserUserAgent flag. + type: bool + includeFailureCode: + description: IncludeFailureCode flag. + type: bool + includeIpAddress: + description: IncludeIpAddress flag. + type: bool + includeMacAddr: + description: IncludeMacAddr flag. + type: bool + includePolicyServer: + description: IncludePolicyServer flag. + type: bool + includeSupportInfoPage: + description: IncludeSupportInfoPage flag. + type: bool + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + my_device_portal.MyDevicePortal.create_my_device_portal, + my_device_portal.MyDevicePortal.delete_my_device_portal_by_id, + my_device_portal.MyDevicePortal.update_my_device_portal_by_id, + + - Paths used are + post /ers/config/mydeviceportal, + delete /ers/config/mydeviceportal/{id}, + put /ers/config/mydeviceportal/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.my_device_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireScrolling: true + employeeChangePasswordSettings: + allowEmployeeToChangePwd: true + loginPageSettings: + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAupAcceptance: true + requireScrolling: true + socialConfigs: + - {} + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + certificateGroupTag: string + displayLang: string + endpointIdentityGroup: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +- name: Delete by id + cisco.ise.my_device_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.my_device_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireScrolling: true + employeeChangePasswordSettings: + allowEmployeeToChangePwd: true + loginPageSettings: + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAupAcceptance: true + requireScrolling: true + socialConfigs: + - {} + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + certificateGroupTag: string + displayLang: string + endpointIdentityGroup: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true, + "socialConfigs": [ + {} + ] + }, + "aupSettings": { + "displayFrequencyIntervalDays": 0, + "displayFrequency": "string", + "includeAup": true, + "requireScrolling": true + }, + "employeeChangePasswordSettings": { + "allowEmployeeToChangePwd": true + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/my_device_portal_info.py b/ansible_collections/cisco/ise/plugins/modules/my_device_portal_info.py new file mode 100644 index 00000000..c0c1cd87 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/my_device_portal_info.py @@ -0,0 +1,327 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: my_device_portal_info +short_description: Information module for My Device Portal +description: +- Get all My Device Portal. +- Get My Device Portal by id. +- This API allows the client to get a my device portal by ID. +- This API allows the client to get all the my device portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + my_device_portal.MyDevicePortal.get_my_device_portal_by_id, + my_device_portal.MyDevicePortal.get_my_device_portal_generator, + + - Paths used are + get /ers/config/mydeviceportal, + get /ers/config/mydeviceportal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all My Device Portal + cisco.ise.my_device_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get My Device Portal by id + cisco.ise.my_device_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true, + "socialConfigs": [ + {} + ] + }, + "aupSettings": { + "displayFrequencyIntervalDays": 0, + "displayFrequency": "string", + "includeAup": true, + "requireScrolling": true + }, + "employeeChangePasswordSettings": { + "allowEmployeeToChangePwd": true + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "endpointIdentityGroup": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true, + "socialConfigs": [ + {} + ] + }, + "aupSettings": { + "displayFrequencyIntervalDays": 0, + "displayFrequency": "string", + "includeAup": true, + "requireScrolling": true + }, + "employeeChangePasswordSettings": { + "allowEmployeeToChangePwd": true + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile.py b/ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile.py new file mode 100644 index 00000000..e34a702c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile.py @@ -0,0 +1,143 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: native_supplicant_profile +short_description: Resource module for Native Supplicant Profile +description: +- Manage operations update and delete of the resource Native Supplicant Profile. +- This API deletes a native supplicant profile. +- This API allows the client to update a native supplicant profile. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Native Supplicant Profile's description. + type: str + id: + description: Native Supplicant Profile's id. + type: str + name: + description: Native Supplicant Profile's name. + type: str + wirelessProfiles: + description: Native Supplicant Profile's wirelessProfiles. + elements: dict + suboptions: + actionType: + description: Action type for WifiProfile. Allowed values - ADD, - UPDATE, - + DELETE (required for updating existing WirelessProfile). + type: str + allowedProtocol: + description: Native Supplicant Profile's allowedProtocol. + type: str + certificateTemplateId: + description: Native Supplicant Profile's certificateTemplateId. + type: str + previousSSID: + description: Previous ssid for WifiProfile (required for updating existing WirelessProfile). + type: str + ssid: + description: Native Supplicant Profile's ssid. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for NativeSupplicantProfile + description: Complete reference of the NativeSupplicantProfile API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!nspprofile +notes: + - SDK Method used are + native_supplicant_profile.NativeSupplicantProfile.delete_native_supplicant_profile_by_id, + native_supplicant_profile.NativeSupplicantProfile.update_native_supplicant_profile_by_id, + + - Paths used are + delete /ers/config/nspprofile/{id}, + put /ers/config/nspprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.native_supplicant_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + wirelessProfiles: + - actionType: string + allowedProtocol: string + certificateTemplateId: string + previousSsid: string + ssid: string + +- name: Delete by id + cisco.ise.native_supplicant_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "wirelessProfiles": [ + { + "ssid": "string", + "allowedProtocol": "string", + "certificateTemplateId": "string", + "actionType": "string", + "previousSsid": "string" + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile_info.py b/ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile_info.py new file mode 100644 index 00000000..f086ded1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/native_supplicant_profile_info.py @@ -0,0 +1,127 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: native_supplicant_profile_info +short_description: Information module for Native Supplicant Profile +description: +- Get all Native Supplicant Profile. +- Get Native Supplicant Profile by id. +- This API allows the client to get a native supplicant profile by ID. +- This API allows the client to get all the native supplicant profiles. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for NativeSupplicantProfile + description: Complete reference of the NativeSupplicantProfile API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!nspprofile +notes: + - SDK Method used are + native_supplicant_profile.NativeSupplicantProfile.get_native_supplicant_profile_by_id, + native_supplicant_profile.NativeSupplicantProfile.get_native_supplicant_profile_generator, + + - Paths used are + get /ers/config/nspprofile, + get /ers/config/nspprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Native Supplicant Profile + cisco.ise.native_supplicant_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Native Supplicant Profile by id + cisco.ise.native_supplicant_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "wirelessProfiles": [ + { + "ssid": "string", + "allowedProtocol": "string", + "certificateTemplateId": "string", + "actionType": "string", + "previousSsid": "string" + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "wirelessProfiles": [ + { + "ssid": "string", + "allowedProtocol": "string", + "certificateTemplateId": "string", + "actionType": "string", + "previousSsid": "string" + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules.py b/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules.py new file mode 100644 index 00000000..33ea4762 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules.py @@ -0,0 +1,535 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_authentication_rules +short_description: Resource module for Network Access Authentication Rules +description: +- Manage operations create, update and delete of the resource Network Access Authentication Rules. +- Network Access - Create authentication rule. +- Network Access - Delete rule. +- Network Access - Update rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. Rule id. + type: str + identitySourceName: + description: Identity source name from the identity stores. + type: str + ifAuthFail: + description: Action to perform when authentication fails such as Bad credentials, + disabled user and so on. + type: str + ifProcessFail: + description: Action to perform when ISE is uanble to access the identity database. + type: str + ifUserNotFound: + description: Action to perform when user is not found in any of identity stores. + type: str + link: + description: Network Access Authentication Rules's link. + suboptions: + href: + description: Network Access Authentication Rules's href. + type: str + rel: + description: Network Access Authentication Rules's rel. + type: str + type: + description: Network Access Authentication Rules's type. + type: str + type: dict + policyId: + description: PolicyId path parameter. Policy id. + type: str + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Network Access Authentication Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is + specified in dictionary object</li> <li>if multiple values allowed is + specified in dictionary object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Authentication Rules's link. + suboptions: + href: + description: Network Access Authentication Rules's href. + type: str + rel: + description: Network Access Authentication Rules's rel. + type: str + type: + description: Network Access Authentication Rules's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Network Access Authentication Rules's endDate. + type: str + startDate: + description: Network Access Authentication Rules's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Network Access Authentication Rules's endDate. + type: str + startDate: + description: Network Access Authentication Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Network Access Authentication Rules's endTime. + type: str + startTime: + description: Network Access Authentication Rules's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Network Access Authentication Rules's endTime. + type: str + startTime: + description: Network Access Authentication Rules's startTime. + type: str + type: dict + id: + description: Network Access Authentication Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Authentication Rules's link. + suboptions: + href: + description: Network Access Authentication Rules's href. + type: str + rel: + description: Network Access Authentication Rules's rel. + type: str + type: + description: Network Access Authentication Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> + Days format - Arrays of WeekDay enums <br> Default - List of All week + days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> + Days format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authentication Rules + description: Complete reference of the Network Access - Authentication Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authentication_rules.NetworkAccessAuthenticationRules.create_network_access_authentication_rule, + network_access_authentication_rules.NetworkAccessAuthenticationRules.delete_network_access_authentication_rule_by_id, + network_access_authentication_rules.NetworkAccessAuthenticationRules.update_network_access_authentication_rule_by_id, + + - Paths used are + post /network-access/policy-set/{policyId}/authentication, + delete /network-access/policy-set/{policyId}/authentication/{id}, + put /network-access/policy-set/{policyId}/authentication/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_authentication_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + identitySourceName: string + ifAuthFail: string + ifProcessFail: string + ifUserNotFound: string + link: + href: string + rel: string + type: string + policyId: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Update by id + cisco.ise.network_access_authentication_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + identitySourceName: string + ifAuthFail: string + ifProcessFail: string + ifUserNotFound: string + link: + href: string + rel: string + type: string + policyId: string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + +- name: Delete by id + cisco.ise.network_access_authentication_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "identitySourceName": "string", + "ifAuthFail": "string", + "ifProcessFail": "string", + "ifUserNotFound": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "identitySourceName": "string", + "ifAuthFail": "string", + "ifProcessFail": "string", + "ifUserNotFound": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_info.py new file mode 100644 index 00000000..a4124342 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_authentication_rules_info +short_description: Information module for Network Access Authentication Rules +description: +- Get all Network Access Authentication Rules. +- Get Network Access Authentication Rules by id. +- Network Access - Get authentication rules. +- Network Access - Get rule attributes. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + policyId: + description: + - PolicyId path parameter. Policy id. + type: str + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authentication Rules + description: Complete reference of the Network Access - Authentication Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authentication_rules.NetworkAccessAuthenticationRules.get_network_access_authentication_rule_by_id, + network_access_authentication_rules.NetworkAccessAuthenticationRules.get_network_access_authentication_rules, + + - Paths used are + get /network-access/policy-set/{policyId}/authentication, + get /network-access/policy-set/{policyId}/authentication/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Authentication Rules + cisco.ise.network_access_authentication_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + register: result + +- name: Get Network Access Authentication Rules by id + cisco.ise.network_access_authentication_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "identitySourceName": "string", + "ifAuthFail": "string", + "ifProcessFail": "string", + "ifUserNotFound": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_reset_hitcount.py new file mode 100644 index 00000000..1d4de88e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_authentication_rules_reset_hitcount.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_authentication_rules_reset_hitcount +short_description: Resource module for Network Access Authentication Rules Reset Hitcount +description: +- Manage operation create of the resource Network Access Authentication Rules Reset Hitcount. +- Network Access - Reset HitCount for Authentication Rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + policyId: + description: PolicyId path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authentication Rules + description: Complete reference of the Network Access - Authentication Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authentication_rules.NetworkAccessAuthenticationRules.reset_hit_counts_network_access_authentication_rules, + + - Paths used are + post /network-access/policy-set/{policyId}/authentication/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_authentication_rules_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules.py b/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules.py new file mode 100644 index 00000000..03b4c64b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules.py @@ -0,0 +1,527 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_authorization_rules +short_description: Resource module for Network Access Authorization Rules +description: +- Manage operations create, update and delete of the resource Network Access Authorization Rules. +- Network Access - Create authorization rule. +- Network Access - Delete authorization rule. +- Network Access - Update authorization rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. Rule id. + type: str + link: + description: Network Access Authorization Rules's link. + suboptions: + href: + description: Network Access Authorization Rules's href. + type: str + rel: + description: Network Access Authorization Rules's rel. + type: str + type: + description: Network Access Authorization Rules's type. + type: str + type: dict + policyId: + description: PolicyId path parameter. Policy id. + type: str + profile: + description: The authorization profile/s. + elements: str + type: list + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Network Access Authorization Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is + specified in dictionary object</li> <li>if multiple values allowed is + specified in dictionary object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Authorization Rules's link. + suboptions: + href: + description: Network Access Authorization Rules's href. + type: str + rel: + description: Network Access Authorization Rules's rel. + type: str + type: + description: Network Access Authorization Rules's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Network Access Authorization Rules's endDate. + type: str + startDate: + description: Network Access Authorization Rules's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Network Access Authorization Rules's endDate. + type: str + startDate: + description: Network Access Authorization Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Network Access Authorization Rules's endTime. + type: str + startTime: + description: Network Access Authorization Rules's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Network Access Authorization Rules's endTime. + type: str + startTime: + description: Network Access Authorization Rules's startTime. + type: str + type: dict + id: + description: Network Access Authorization Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Authorization Rules's link. + suboptions: + href: + description: Network Access Authorization Rules's href. + type: str + rel: + description: Network Access Authorization Rules's rel. + type: str + type: + description: Network Access Authorization Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> + Days format - Arrays of WeekDay enums <br> Default - List of All week + days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> + Days format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict + securityGroup: + description: Security group used in authorization policies. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Rules + description: Complete reference of the Network Access - Authorization Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_rules.NetworkAccessAuthorizationRules.create_network_access_authorization_rule, + network_access_authorization_rules.NetworkAccessAuthorizationRules.delete_network_access_authorization_rule_by_id, + network_access_authorization_rules.NetworkAccessAuthorizationRules.update_network_access_authorization_rule_by_id, + + - Paths used are + post /network-access/policy-set/{policyId}/authorization, + delete /network-access/policy-set/{policyId}/authorization/{id}, + put /network-access/policy-set/{policyId}/authorization/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_authorization_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + link: + href: string + rel: string + type: string + policyId: string + profile: + - string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + securityGroup: string + +- name: Update by id + cisco.ise.network_access_authorization_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + link: + href: string + rel: string + type: string + policyId: string + profile: + - string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + securityGroup: string + +- name: Delete by id + cisco.ise.network_access_authorization_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_info.py new file mode 100644 index 00000000..ec93647e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_authorization_rules_info +short_description: Information module for Network Access Authorization Rules +description: +- Get all Network Access Authorization Rules. +- Get Network Access Authorization Rules by id. +- Network Access - Get authorization rule attributes. +- Network Access - Get authorization rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + policyId: + description: + - PolicyId path parameter. Policy id. + type: str + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Rules + description: Complete reference of the Network Access - Authorization Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_rules.NetworkAccessAuthorizationRules.get_network_access_authorization_rule_by_id, + network_access_authorization_rules.NetworkAccessAuthorizationRules.get_network_access_authorization_rules, + + - Paths used are + get /network-access/policy-set/{policyId}/authorization, + get /network-access/policy-set/{policyId}/authorization/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Authorization Rules + cisco.ise.network_access_authorization_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + register: result + +- name: Get Network Access Authorization Rules by id + cisco.ise.network_access_authorization_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_reset_hitcount.py new file mode 100644 index 00000000..55dfe008 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_authorization_rules_reset_hitcount.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_authorization_rules_reset_hitcount +short_description: Resource module for Network Access Authorization Rules Reset Hitcount +description: +- Manage operation create of the resource Network Access Authorization Rules Reset Hitcount. +- Network Access - Reset HitCount for Authorization Rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + policyId: + description: PolicyId path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Rules + description: Complete reference of the Network Access - Authorization Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_rules.NetworkAccessAuthorizationRules.reset_hit_counts_network_access_authorization_rules, + + - Paths used are + post /network-access/policy-set/{policyId}/authorization/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_authorization_rules_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_conditions.py b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions.py new file mode 100644 index 00000000..6321335d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions.py @@ -0,0 +1,457 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_conditions +short_description: Resource module for Network Access Conditions +description: +- Manage operations create, update and delete of the resource Network Access Conditions. +- Network Access - Creates a library condition. +- Network Access - Delete a library condition using condition Name. +- Network Access - Delete a library condition. +- Network Access - Update library condition using condition name. +- Network Access - Update library condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is specified + in dictionary object</li> <li>if multiple values allowed is specified in dictionary + object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will be aggregated + under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain condition + data but not both</li> <li>Logical aggreation(and,or) enum indicates that + additional conditions are present under the children field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Conditions's link. + suboptions: + href: + description: Network Access Conditions's href. + type: str + rel: + description: Network Access Conditions's rel. + type: str + type: + description: Network Access Conditions's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) indicates + than "conditonId" OR "ConditionAttrs" fields should contain condition data but + not both</li> <li>Logical aggreation(and,or) enum indicates that additional conditions + are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used for + start/end date <br> Default - no specific dates<br> In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)</p>. + suboptions: + endDate: + description: Network Access Conditions's endDate. + type: str + startDate: + description: Network Access Conditions's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used for + start/end date <br> Default - no specific dates<br> In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)</p>. + suboptions: + endDate: + description: Network Access Conditions's endDate. + type: str + startDate: + description: Network Access Conditions's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be matched<br> + Time format - hh mm ( h = hour , mm = minutes ) <br> Default - All Day </p>. + suboptions: + endTime: + description: Network Access Conditions's endTime. + type: str + startTime: + description: Network Access Conditions's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be matched<br> + Time format - hh mm ( h = hour , mm = minutes ) <br> Default - All Day </p>. + suboptions: + endTime: + description: Network Access Conditions's endTime. + type: str + startTime: + description: Network Access Conditions's startTime. + type: str + type: dict + id: + description: Network Access Conditions's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Conditions's link. + suboptions: + href: + description: Network Access Conditions's href. + type: str + rel: + description: Network Access Conditions's rel. + type: str + type: + description: Network Access Conditions's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> Days format + - Arrays of WeekDay enums <br> Default - List of All week days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> Days + format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Conditions + description: Complete reference of the Network Access - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_conditions.NetworkAccessConditions.create_network_access_condition, + network_access_conditions.NetworkAccessConditions.delete_network_access_condition_by_id, + network_access_conditions.NetworkAccessConditions.delete_network_access_condition_by_name, + network_access_conditions.NetworkAccessConditions.update_network_access_condition_by_id, + network_access_conditions.NetworkAccessConditions.update_network_access_condition_by_name, + + - Paths used are + post /network-access/condition, + delete /network-access/condition/condition-by-name/{name}, + delete /network-access/condition/{id}, + put /network-access/condition/condition-by-name/{name}, + put /network-access/condition/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Update by name + cisco.ise.network_access_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Delete by name + cisco.ise.network_access_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +- name: Update by id + cisco.ise.network_access_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Delete by id + cisco.ise.network_access_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authentication_rule_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authentication_rule_info.py new file mode 100644 index 00000000..bb37744f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authentication_rule_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_conditions_for_authentication_rule_info +short_description: Information module for Network Access Conditions For Authentication Rule +description: +- Get all Network Access Conditions For Authentication Rule. +- Network Access - Returns list of library conditions for Authentication rules scope. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Conditions + description: Complete reference of the Network Access - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_conditions.NetworkAccessConditions.get_network_access_conditions_for_authentication_rules, + + - Paths used are + get /network-access/condition/authentication, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Conditions For Authentication Rule + cisco.ise.network_access_conditions_for_authentication_rule_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authorization_rule_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authorization_rule_info.py new file mode 100644 index 00000000..be93e370 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_authorization_rule_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_conditions_for_authorization_rule_info +short_description: Information module for Network Access Conditions For Authorization Rule +description: +- Get all Network Access Conditions For Authorization Rule. +- Network Access - Returns list of library conditions for Authorization rules scope. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Conditions + description: Complete reference of the Network Access - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_conditions.NetworkAccessConditions.get_network_access_conditions_for_authorization_rules, + + - Paths used are + get /network-access/condition/authorization, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Conditions For Authorization Rule + cisco.ise.network_access_conditions_for_authorization_rule_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_policy_set_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_policy_set_info.py new file mode 100644 index 00000000..a8739b02 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_for_policy_set_info.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_conditions_for_policy_set_info +short_description: Information module for Network Access Conditions For Policy Set +description: +- Get all Network Access Conditions For Policy Set. +- Network Access - Returns list of library conditions for PolicySet scope. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Conditions + description: Complete reference of the Network Access - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_conditions.NetworkAccessConditions.get_network_access_conditions_for_policy_sets, + + - Paths used are + get /network-access/condition/policyset, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Conditions For Policy Set + cisco.ise.network_access_conditions_for_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_info.py new file mode 100644 index 00000000..79273501 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_conditions_info.py @@ -0,0 +1,136 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_conditions_info +short_description: Information module for Network Access Conditions +description: +- Get all Network Access Conditions. +- Get Network Access Conditions by id. +- Get Network Access Conditions by name. +- Network Access - Returns a library condition. +- Network Access - Returns a library condition. +- Network Access - Returns all library conditions. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. Condition name. + type: str + id: + description: + - Id path parameter. Condition id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Conditions + description: Complete reference of the Network Access - Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_conditions.NetworkAccessConditions.get_network_access_condition_by_id, + network_access_conditions.NetworkAccessConditions.get_network_access_condition_by_name, + network_access_conditions.NetworkAccessConditions.get_network_access_conditions, + + - Paths used are + get /network-access/condition, + get /network-access/condition/condition-by-name/{name}, + get /network-access/condition/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Conditions + cisco.ise.network_access_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Network Access Conditions by id + cisco.ise.network_access_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Network Access Conditions by name + cisco.ise.network_access_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary.py new file mode 100644 index 00000000..161c04bc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary.py @@ -0,0 +1,155 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary +short_description: Resource module for Network Access Dictionary +description: +- Manage operations create, update and delete of the resource Network Access Dictionary. +- Network Access - Create a new Dictionary. +- Network Access - Delete a Dictionary. +- Network Access - Update a Dictionary. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: The description of the Dictionary. + type: str + dictionaryAttrType: + description: The dictionary attribute type. + type: str + id: + description: Identifier for the dictionary. + type: str + link: + description: Network Access Dictionary's link. + suboptions: + href: + description: Network Access Dictionary's href. + type: str + rel: + description: Network Access Dictionary's rel. + type: str + type: + description: Network Access Dictionary's type. + type: str + type: dict + name: + description: The dictionary name. + type: str + version: + description: The dictionary version. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary + description: Complete reference of the Network Access - Dictionary API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary.NetworkAccessDictionary.create_network_access_dictionaries, + network_access_dictionary.NetworkAccessDictionary.delete_network_access_dictionary_by_name, + network_access_dictionary.NetworkAccessDictionary.update_network_access_dictionary_by_name, + + - Paths used are + post /network-access/dictionaries, + delete /network-access/dictionaries/{name}, + put /network-access/dictionaries/{name}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_dictionary: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + dictionaryAttrType: string + id: string + link: + href: string + rel: string + type: string + name: string + version: string + +- name: Update by name + cisco.ise.network_access_dictionary: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + dictionaryAttrType: string + id: string + link: + href: string + rel: string + type: string + name: string + version: string + +- name: Delete by name + cisco.ise.network_access_dictionary: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "description": "string", + "dictionaryAttrType": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "version": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "description": "string", + "dictionaryAttrType": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "version": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute.py new file mode 100644 index 00000000..4a029c5c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute.py @@ -0,0 +1,176 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary_attribute +short_description: Resource module for Network Access Dictionary Attribute +description: +- Manage operations create, update and delete of the resource Network Access Dictionary Attribute. +- Create a new Dictionary Attribute for an existing Dictionary. +- Delete a Dictionary Attribute. +- Update a Dictionary Attribute. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowedValues: + description: All of the allowed values for the dictionary attribute. + elements: dict + suboptions: + isDefault: + description: True if this key value is the default between the allowed values + of the dictionary attribute. + type: bool + key: + description: Network Access Dictionary Attribute's key. + type: str + value: + description: Network Access Dictionary Attribute's value. + type: str + type: list + dataType: + description: The data type for the dictionary attribute. + type: str + description: + description: The description of the Dictionary attribute. + type: str + dictionaryName: + description: The name of the dictionary which the dictionary attribute belongs to. + type: str + directionType: + description: The direction for the useage of the dictionary attribute. + type: str + id: + description: Identifier for the dictionary attribute. + type: str + internalName: + description: The internal name of the dictionary attribute. + type: str + name: + description: The dictionary attribute's name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary Attribute + description: Complete reference of the Network Access - Dictionary Attribute API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary_attribute.NetworkAccessDictionaryAttribute.create_network_access_dictionary_attribute, + network_access_dictionary_attribute.NetworkAccessDictionaryAttribute.delete_network_access_dictionary_attribute_by_name, + network_access_dictionary_attribute.NetworkAccessDictionaryAttribute.update_network_access_dictionary_attribute_by_name, + + - Paths used are + post /network-access/dictionaries/{dictionaryName}/attribute, + delete /network-access/dictionaries/{dictionaryName}/attribute/{name}, + put /network-access/dictionaries/{dictionaryName}/attribute/{name}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_dictionary_attribute: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowedValues: + - isDefault: true + key: string + value: string + dataType: string + description: string + dictionaryName: string + directionType: string + id: string + internalName: string + name: string + +- name: Update by name + cisco.ise.network_access_dictionary_attribute: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowedValues: + - isDefault: true + key: string + value: string + dataType: string + description: string + dictionaryName: string + directionType: string + id: string + internalName: string + name: string + +- name: Delete by name + cisco.ise.network_access_dictionary_attribute: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + dictionaryName: string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute_info.py new file mode 100644 index 00000000..92346b68 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attribute_info.py @@ -0,0 +1,91 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary_attribute_info +short_description: Information module for Network Access Dictionary Attribute +description: +- Get all Network Access Dictionary Attribute. +- Get Network Access Dictionary Attribute by name. +- Get a Dictionary Attribute. +- Returns a list of Dictionary Attributes for an existing Dictionary. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + dictionaryName: + description: + - DictionaryName path parameter. The name of the dictionary the dictionary attribute belongs to. + type: str + name: + description: + - Name path parameter. The dictionary attribute name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary Attribute + description: Complete reference of the Network Access - Dictionary Attribute API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary_attribute.NetworkAccessDictionaryAttribute.get_network_access_dictionary_attribute_by_name, + network_access_dictionary_attribute.NetworkAccessDictionaryAttribute.get_network_access_dictionary_attributes_by_dictionary_name, + + - Paths used are + get /network-access/dictionaries/{dictionaryName}/attribute, + get /network-access/dictionaries/{dictionaryName}/attribute/{name}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Dictionary Attribute + cisco.ise.network_access_dictionary_attribute_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + dictionaryName: string + register: result + +- name: Get Network Access Dictionary Attribute by name + cisco.ise.network_access_dictionary_attribute_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + dictionaryName: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authentication_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authentication_info.py new file mode 100644 index 00000000..fc420dbf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authentication_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary_attributes_authentication_info +short_description: Information module for Network Access Dictionary Attributes Authentication +description: +- Get all Network Access Dictionary Attributes Authentication. +- Network Access - Returns list of dictionary attributes for authentication. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary Attributes List + description: Complete reference of the Network Access - Dictionary Attributes List API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary_attributes_list.NetworkAccessDictionaryAttributesList.get_network_access_dictionaries_authentication, + + - Paths used are + get /network-access/dictionaries/authentication, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Dictionary Attributes Authentication + cisco.ise.network_access_dictionary_attributes_authentication_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authorization_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authorization_info.py new file mode 100644 index 00000000..88a0a1f0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_authorization_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary_attributes_authorization_info +short_description: Information module for Network Access Dictionary Attributes Authorization +description: +- Get all Network Access Dictionary Attributes Authorization. +- Network Access - Returns list of dictionary attributes for authorization. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary Attributes List + description: Complete reference of the Network Access - Dictionary Attributes List API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary_attributes_list.NetworkAccessDictionaryAttributesList.get_network_access_dictionaries_authorization, + + - Paths used are + get /network-access/dictionaries/authorization, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Dictionary Attributes Authorization + cisco.ise.network_access_dictionary_attributes_authorization_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_policy_set_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_policy_set_info.py new file mode 100644 index 00000000..4d82fae8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_attributes_policy_set_info.py @@ -0,0 +1,71 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary_attributes_policy_set_info +short_description: Information module for Network Access Dictionary Attributes Policy Set +description: +- Get all Network Access Dictionary Attributes Policy Set. +- Network Access - Returns list of dictionary attributes for policyset. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary Attributes List + description: Complete reference of the Network Access - Dictionary Attributes List API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary_attributes_list.NetworkAccessDictionaryAttributesList.get_network_access_dictionaries_policy_set, + + - Paths used are + get /network-access/dictionaries/policyset, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Dictionary Attributes Policy Set + cisco.ise.network_access_dictionary_attributes_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "allowedValues": [ + { + "isDefault": true, + "key": "string", + "value": "string" + } + ], + "dataType": "string", + "description": "string", + "dictionaryName": "string", + "directionType": "string", + "id": "string", + "internalName": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_info.py new file mode 100644 index 00000000..4334d517 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_dictionary_info.py @@ -0,0 +1,81 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_dictionary_info +short_description: Information module for Network Access Dictionary +description: +- Get all Network Access Dictionary. +- Get Network Access Dictionary by name. +- GET a dictionary by name. +- Get all Dictionaries. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. The dictionary name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Dictionary + description: Complete reference of the Network Access - Dictionary API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_dictionary.NetworkAccessDictionary.get_network_access_dictionaries, + network_access_dictionary.NetworkAccessDictionary.get_network_access_dictionary_by_name, + + - Paths used are + get /network-access/dictionaries, + get /network-access/dictionaries/{name}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Dictionary + cisco.ise.network_access_dictionary_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Network Access Dictionary by name + cisco.ise.network_access_dictionary_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "description": "string", + "dictionaryAttrType": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules.py b/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules.py new file mode 100644 index 00000000..67f0456d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules.py @@ -0,0 +1,521 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_global_exception_rules +short_description: Resource module for Network Access Global Exception Rules +description: +- Manage operations create, update and delete of the resource Network Access Global Exception Rules. +- Network Access - Create global exception authorization rule. +- Network Access - Delete global exception authorization rule. +- Network Access - Update global exception authorization rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. Rule id. + type: str + link: + description: Network Access Global Exception Rules's link. + suboptions: + href: + description: Network Access Global Exception Rules's href. + type: str + rel: + description: Network Access Global Exception Rules's rel. + type: str + type: + description: Network Access Global Exception Rules's type. + type: str + type: dict + profile: + description: The authorization profile/s. + elements: str + type: list + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Network Access Global Exception Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is + specified in dictionary object</li> <li>if multiple values allowed is + specified in dictionary object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Global Exception Rules's link. + suboptions: + href: + description: Network Access Global Exception Rules's href. + type: str + rel: + description: Network Access Global Exception Rules's rel. + type: str + type: + description: Network Access Global Exception Rules's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Network Access Global Exception Rules's endDate. + type: str + startDate: + description: Network Access Global Exception Rules's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Network Access Global Exception Rules's endDate. + type: str + startDate: + description: Network Access Global Exception Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Network Access Global Exception Rules's endTime. + type: str + startTime: + description: Network Access Global Exception Rules's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Network Access Global Exception Rules's endTime. + type: str + startTime: + description: Network Access Global Exception Rules's startTime. + type: str + type: dict + id: + description: Network Access Global Exception Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Global Exception Rules's link. + suboptions: + href: + description: Network Access Global Exception Rules's href. + type: str + rel: + description: Network Access Global Exception Rules's rel. + type: str + type: + description: Network Access Global Exception Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> + Days format - Arrays of WeekDay enums <br> Default - List of All week + days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> + Days format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict + securityGroup: + description: Security group used in authorization policies. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Global Exception Rules + description: Complete reference of the Network Access - Authorization Global Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_global_exception_rules.NetworkAccessAuthorizationGlobalExceptionRules.create_network_access_policy_set_global_exception_rule, + network_access_authorization_global_exception_rules.NetworkAccessAuthorizationGlobalExceptionRules.delete_network_access_policy_set_global_exception_rule_by_id, + network_access_authorization_global_exception_rules.NetworkAccessAuthorizationGlobalExceptionRules.update_network_access_policy_set_global_exception_rule_by_id, + + - Paths used are + post /network-access/policy-set/global-exception, + delete /network-access/policy-set/global-exception/{id}, + put /network-access/policy-set/global-exception/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_global_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + link: + href: string + rel: string + type: string + profile: + - string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + securityGroup: string + +- name: Update by id + cisco.ise.network_access_global_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + link: + href: string + rel: string + type: string + profile: + - string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + securityGroup: string + +- name: Delete by id + cisco.ise.network_access_global_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_info.py new file mode 100644 index 00000000..168ed354 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_info.py @@ -0,0 +1,138 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_global_exception_rules_info +short_description: Information module for Network Access Global Exception Rules +description: +- Get all Network Access Global Exception Rules. +- Get Network Access Global Exception Rules by id. +- Network Access - Get global exception rule attributes. +- Network Access - Get global execption rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Global Exception Rules + description: Complete reference of the Network Access - Authorization Global Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_global_exception_rules.NetworkAccessAuthorizationGlobalExceptionRules.get_network_access_policy_set_global_exception_rule_by_id, + network_access_authorization_global_exception_rules.NetworkAccessAuthorizationGlobalExceptionRules.get_network_access_policy_set_global_exception_rules, + + - Paths used are + get /network-access/policy-set/global-exception, + get /network-access/policy-set/global-exception/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Global Exception Rules + cisco.ise.network_access_global_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Network Access Global Exception Rules by id + cisco.ise.network_access_global_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_reset_hitcount.py new file mode 100644 index 00000000..8047fc1d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_global_exception_rules_reset_hitcount.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_global_exception_rules_reset_hitcount +short_description: Resource module for Network Access Global Exception Rules Reset Hitcount +description: +- Manage operation create of the resource Network Access Global Exception Rules Reset Hitcount. +- Network Access - Reset HitCount for Global Exceptions. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Global Exception Rules + description: Complete reference of the Network Access - Authorization Global Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_global_exception_rules.NetworkAccessAuthorizationGlobalExceptionRules.reset_hit_counts_network_access_global_exceptions, + + - Paths used are + post /network-access/policy-set/global-exception/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_global_exception_rules_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_identity_stores_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_identity_stores_info.py new file mode 100644 index 00000000..5bdc15cf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_identity_stores_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_identity_stores_info +short_description: Information module for Network Access Identity Stores +description: +- Get all Network Access Identity Stores. +- Network Access - Return list of identity stores for authentication policy. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Identity Stores + description: Complete reference of the Network Access - Identity Stores API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_identity_stores.NetworkAccessIdentityStores.get_network_access_identity_stores, + + - Paths used are + get /network-access/identity-stores, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Identity Stores + cisco.ise.network_access_identity_stores_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules.py b/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules.py new file mode 100644 index 00000000..8f88a5fa --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules.py @@ -0,0 +1,527 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_local_exception_rules +short_description: Resource module for Network Access Local Exception Rules +description: +- Manage operations create, update and delete of the resource Network Access Local Exception Rules. +- Network Access - Create local authorization exception rule. +- Network Access - Delete local exception rule. +- Network Access - Update local exception rule. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. Rule id. + type: str + link: + description: Network Access Local Exception Rules's link. + suboptions: + href: + description: Network Access Local Exception Rules's href. + type: str + rel: + description: Network Access Local Exception Rules's rel. + type: str + type: + description: Network Access Local Exception Rules's type. + type: str + type: dict + policyId: + description: PolicyId path parameter. Policy id. + type: str + profile: + description: The authorization profile/s. + elements: str + type: list + rule: + description: Common attributes in rule authentication/authorization. + suboptions: + condition: + description: Network Access Local Exception Rules's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is + specified in dictionary object</li> <li>if multiple values allowed is + specified in dictionary object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will + be aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition + itself(data) or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum + indicates that additional conditions are present under the children + field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Local Exception Rules's link. + suboptions: + href: + description: Network Access Local Exception Rules's href. + type: str + rel: + description: Network Access Local Exception Rules's rel. + type: str + type: + description: Network Access Local Exception Rules's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Network Access Local Exception Rules's endDate. + type: str + startDate: + description: Network Access Local Exception Rules's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Network Access Local Exception Rules's endDate. + type: str + startDate: + description: Network Access Local Exception Rules's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Network Access Local Exception Rules's endTime. + type: str + startTime: + description: Network Access Local Exception Rules's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be + matched<br> Time format - hh mm ( h = hour , mm = minutes ) <br> Default + - All Day </p>. + suboptions: + endTime: + description: Network Access Local Exception Rules's endTime. + type: str + startTime: + description: Network Access Local Exception Rules's startTime. + type: str + type: dict + id: + description: Network Access Local Exception Rules's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Local Exception Rules's link. + suboptions: + href: + description: Network Access Local Exception Rules's href. + type: str + rel: + description: Network Access Local Exception Rules's rel. + type: str + type: + description: Network Access Local Exception Rules's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> + Days format - Arrays of WeekDay enums <br> Default - List of All week + days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> + Days format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list + type: dict + default: + description: Indicates if this rule is the default one. + type: bool + hitCounts: + description: The amount of times the rule was matched. + type: int + id: + description: The identifier of the rule. + type: str + name: + description: Rule name, Valid characters are alphanumerics, underscore, hyphen, + space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other rules. Lower rank is higher + priority. + type: int + state: + description: The state that the rule is in. A disabled rule cannot be matched. + type: str + type: dict + securityGroup: + description: Security group used in authorization policies. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Exception Rules + description: Complete reference of the Network Access - Authorization Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_exception_rules.NetworkAccessAuthorizationExceptionRules.create_network_access_local_exception_rule, + network_access_authorization_exception_rules.NetworkAccessAuthorizationExceptionRules.delete_network_access_local_exception_rule_by_id, + network_access_authorization_exception_rules.NetworkAccessAuthorizationExceptionRules.update_network_access_local_exception_rule_by_id, + + - Paths used are + post /network-access/policy-set/{policyId}/exception, + delete /network-access/policy-set/{policyId}/exception/{id}, + put /network-access/policy-set/{policyId}/exception/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_local_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + link: + href: string + rel: string + type: string + policyId: string + profile: + - string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + securityGroup: string + +- name: Update by id + cisco.ise.network_access_local_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + link: + href: string + rel: string + type: string + policyId: string + profile: + - string + rule: + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + hitCounts: 0 + id: string + name: string + rank: 0 + state: string + securityGroup: string + +- name: Delete by id + cisco.ise.network_access_local_exception_rules: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_info.py new file mode 100644 index 00000000..d93c9bef --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_info.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_local_exception_rules_info +short_description: Information module for Network Access Local Exception Rules +description: +- Get all Network Access Local Exception Rules. +- Get Network Access Local Exception Rules by id. +- Network Access - Get local exception rule attributes. +- Network Access - Get local exception rules. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + policyId: + description: + - PolicyId path parameter. Policy id. + type: str + id: + description: + - Id path parameter. Rule id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Exception Rules + description: Complete reference of the Network Access - Authorization Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_exception_rules.NetworkAccessAuthorizationExceptionRules.get_network_access_local_exception_rule_by_id, + network_access_authorization_exception_rules.NetworkAccessAuthorizationExceptionRules.get_network_access_local_exception_rules, + + - Paths used are + get /network-access/policy-set/{policyId}/exception, + get /network-access/policy-set/{policyId}/exception/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Local Exception Rules + cisco.ise.network_access_local_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + register: result + +- name: Get Network Access Local Exception Rules by id + cisco.ise.network_access_local_exception_rules_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "profile": [ + "string" + ], + "rule": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "hitCounts": 0, + "id": "string", + "name": "string", + "rank": 0, + "state": "string" + }, + "securityGroup": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_reset_hitcounts.py b/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_reset_hitcounts.py new file mode 100644 index 00000000..25751d4b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_local_exception_rules_reset_hitcounts.py @@ -0,0 +1,58 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_local_exception_rules_reset_hitcounts +short_description: Resource module for Network Access Local Exception Rules Reset Hitcounts +description: +- Manage operation create of the resource Network Access Local Exception Rules Reset Hitcounts. +- Network Access - Reset HitCount for local exceptions. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + policyId: + description: PolicyId path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Authorization Exception Rules + description: Complete reference of the Network Access - Authorization Exception Rules API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_authorization_exception_rules.NetworkAccessAuthorizationExceptionRules.reset_hit_counts_network_access_local_exceptions, + + - Paths used are + post /network-access/policy-set/{policyId}/exception/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_local_exception_rules_reset_hitcounts: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + policyId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_network_condition.py b/ansible_collections/cisco/ise/plugins/modules/network_access_network_condition.py new file mode 100644 index 00000000..bbdfb592 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_network_condition.py @@ -0,0 +1,228 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_network_condition +short_description: Resource module for Network Access Network Condition +description: +- Manage operations create, update and delete of the resource Network Access Network Condition. +- Network Access - Creates network condition. +- Network Access - Delete network condition. +- Network Access - Update network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + cliDnisList: + description: <p>This field should contain a Caller ID (CLI), comma, and Called ID + (DNIS).<br> Line format - Caller ID (CLI), Called ID (DNIS)</p>. + elements: str + type: list + conditionType: + description: This field determines the content of the conditions field. + type: str + description: + description: Network Access Network Condition's description. + type: str + deviceGroupList: + description: <p>This field should contain a NDG Root, comma, and an NDG + (that it under the root).<br> Line format - NDG Root Name, NDG, Port</p>. + elements: str + type: list + deviceList: + description: <p>This field should contain Device-Name,port-number. The device + name must be the same as the name field in a Network Device object.<br> Line + format - Device Name,Port</p>. + elements: str + type: list + id: + description: Network Access Network Condition's id. + type: str + ipAddrList: + description: <p>This field should contain IP-address-or-subnet,port number<br> + IP address can be IPV4 format (n.n.n.n) or IPV6 format (n n n n n n n n).<br> + IP subnet can be IPV4 format (n.n.n.n/m) or IPV6 format (n n n n n n n n/m).<br> + Line format - IP Address or subnet,Port</p>. + elements: str + type: list + link: + description: Network Access Network Condition's link. + suboptions: + href: + description: Network Access Network Condition's href. + type: str + rel: + description: Network Access Network Condition's rel. + type: str + type: + description: Network Access Network Condition's type. + type: str + type: dict + macAddrList: + description: <p>This field should contain Endstation MAC address, comma, and + Destination MAC addresses.<br> Each Max address must include twelve hexadecimal + digits using formats nn nn nn nn nn nn or nn-nn-nn-nn-nn-nn or nnnn.nnnn.nnnn + or nnnnnnnnnnnn.<br> Line format - Endstation MAC,Destination MAC </p>. + elements: str + type: list + name: + description: Network Condition name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Network Conditions + description: Complete reference of the Network Access - Network Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_network_conditions.NetworkAccessNetworkConditions.create_network_access_network_condition, + network_access_network_conditions.NetworkAccessNetworkConditions.delete_network_access_network_condition_by_id, + network_access_network_conditions.NetworkAccessNetworkConditions.update_network_access_network_condition_by_id, + + - Paths used are + post /network-access/network-condition, + delete /network-access/network-condition/{id}, + put /network-access/network-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_network_condition: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + cliDnisList: + - string + conditionType: string + description: string + deviceGroupList: + - string + deviceList: + - string + id: string + ipAddrList: + - string + link: + href: string + rel: string + type: string + macAddrList: + - string + name: string + +- name: Update by id + cisco.ise.network_access_network_condition: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + cliDnisList: + - string + conditionType: string + description: string + deviceGroupList: + - string + deviceList: + - string + id: string + ipAddrList: + - string + link: + href: string + rel: string + type: string + macAddrList: + - string + name: string + +- name: Delete by id + cisco.ise.network_access_network_condition: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "description": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "deviceList": [ + "string" + ], + "cliDnisList": [ + "string" + ], + "ipAddrList": [ + "string" + ], + "macAddrList": [ + "string" + ], + "deviceGroupList": [ + "string" + ] + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "conditionType": "string", + "description": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "deviceList": [ + "string" + ], + "cliDnisList": [ + "string" + ], + "ipAddrList": [ + "string" + ], + "macAddrList": [ + "string" + ], + "deviceGroupList": [ + "string" + ] + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_network_condition_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_network_condition_info.py new file mode 100644 index 00000000..8d4f5aef --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_network_condition_info.py @@ -0,0 +1,95 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_network_condition_info +short_description: Information module for Network Access Network Condition +description: +- Get all Network Access Network Condition. +- Get Network Access Network Condition by id. +- Network Access - Returns a list of network conditions. +- Network Access - Returns a network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Condition id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Network Conditions + description: Complete reference of the Network Access - Network Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_network_conditions.NetworkAccessNetworkConditions.get_network_access_network_condition_by_id, + network_access_network_conditions.NetworkAccessNetworkConditions.get_network_access_network_conditions, + + - Paths used are + get /network-access/network-condition, + get /network-access/network-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Network Condition + cisco.ise.network_access_network_condition_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Network Access Network Condition by id + cisco.ise.network_access_network_condition_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "conditionType": "string", + "description": "string", + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "deviceList": [ + "string" + ], + "cliDnisList": [ + "string" + ], + "ipAddrList": [ + "string" + ], + "macAddrList": [ + "string" + ], + "deviceGroupList": [ + "string" + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set.py b/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set.py new file mode 100644 index 00000000..5d7e27b0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set.py @@ -0,0 +1,505 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_policy_set +short_description: Resource module for Network Access Policy Set +description: +- Manage operations create, update and delete of the resource Network Access Policy Set. +- Network Access - Create a new policy set. +- Network Access - Delete a policy set. +- Network Access - Update a policy set. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + condition: + description: Network Access Policy Set's condition. + suboptions: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is specified + in dictionary object</li> <li>if multiple values allowed is specified in dictionary + object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will be + aggregated under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain + condition data but not both</li> <li>Logical aggreation(and,or) enum indicates + that additional conditions are present under the children field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Policy Set's link. + suboptions: + href: + description: Network Access Policy Set's href. + type: str + rel: + description: Network Access Policy Set's rel. + type: str + type: + description: Network Access Policy Set's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain condition + data but not both</li> <li>Logical aggreation(and,or) enum indicates that + additional conditions are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Network Access Policy Set's endDate. + type: str + startDate: + description: Network Access Policy Set's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used + for start/end date <br> Default - no specific dates<br> In order to reset + the dates to have no specific dates Date format - yyyy-mm-dd (MM = month, + dd = day, yyyy = year)</p>. + suboptions: + endDate: + description: Network Access Policy Set's endDate. + type: str + startDate: + description: Network Access Policy Set's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be matched<br> + Time format - hh mm ( h = hour , mm = minutes ) <br> Default - All Day </p>. + suboptions: + endTime: + description: Network Access Policy Set's endTime. + type: str + startTime: + description: Network Access Policy Set's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be matched<br> + Time format - hh mm ( h = hour , mm = minutes ) <br> Default - All Day </p>. + suboptions: + endTime: + description: Network Access Policy Set's endTime. + type: str + startTime: + description: Network Access Policy Set's startTime. + type: str + type: dict + id: + description: Network Access Policy Set's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Policy Set's link. + suboptions: + href: + description: Network Access Policy Set's href. + type: str + rel: + description: Network Access Policy Set's rel. + type: str + type: + description: Network Access Policy Set's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> Days + format - Arrays of WeekDay enums <br> Default - List of All week days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> + Days format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list + type: dict + default: + description: Flag which indicates if this policy set is the default one. + type: bool + description: + description: The description for the policy set. + type: str + hitCounts: + description: The amount of times the policy was matched. + type: int + id: + description: Identifier for the policy set. + type: str + isProxy: + description: Flag which indicates if the policy set service is of type 'Proxy Sequence' + or 'Allowed Protocols'. + type: bool + link: + description: Network Access Policy Set's link. + suboptions: + href: + description: Network Access Policy Set's href. + type: str + rel: + description: Network Access Policy Set's rel. + type: str + type: + description: Network Access Policy Set's type. + type: str + type: dict + name: + description: Given name for the policy set, Valid characters are alphanumerics, + underscore, hyphen, space, period, parentheses. + type: str + rank: + description: The rank(priority) in relation to other policy set. Lower rank is higher + priority. + type: int + serviceName: + description: Policy set service identifier - Allowed Protocols,Server Sequence.. + type: str + state_: + description: The state that the policy set is in. A disabled policy set cannot be + matched. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Policy Set + description: Complete reference of the Network Access - Policy Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_policy_set.NetworkAccessPolicySet.create_network_access_policy_set, + network_access_policy_set.NetworkAccessPolicySet.delete_network_access_policy_set_by_id, + network_access_policy_set.NetworkAccessPolicySet.update_network_access_policy_set_by_id, + + - Paths used are + post /network-access/policy-set, + delete /network-access/policy-set/{id}, + put /network-access/policy-set/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_policy_set: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + description: string + hitCounts: 0 + id: string + isProxy: true + link: + href: string + rel: string + type: string + name: string + rank: 0 + serviceName: string + state_: string + +- name: Update by id + cisco.ise.network_access_policy_set: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + condition: + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + default: true + description: string + hitCounts: 0 + id: string + isProxy: true + link: + href: string + rel: string + type: string + name: string + rank: 0 + serviceName: string + state_: string + +- name: Delete by id + cisco.ise.network_access_policy_set: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "description": "string", + "hitCounts": 0, + "id": "string", + "isProxy": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "rank": 0, + "serviceName": "string", + "state": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "description": "string", + "hitCounts": 0, + "id": "string", + "isProxy": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "rank": 0, + "serviceName": "string", + "state": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_info.py new file mode 100644 index 00000000..eb151584 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_info.py @@ -0,0 +1,135 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_policy_set_info +short_description: Information module for Network Access Policy Set +description: +- Get all Network Access Policy Set. +- Get Network Access Policy Set by id. +- Get all network access policy sets. +- Network Access - Get policy set attributes. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Policy id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Policy Set + description: Complete reference of the Network Access - Policy Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_policy_set.NetworkAccessPolicySet.get_network_access_policy_set_by_id, + network_access_policy_set.NetworkAccessPolicySet.get_network_access_policy_sets, + + - Paths used are + get /network-access/policy-set, + get /network-access/policy-set/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Policy Set + cisco.ise.network_access_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Network Access Policy Set by id + cisco.ise.network_access_policy_set_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "condition": { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "description": "string", + "id": "string", + "name": "string", + "attributeName": "string", + "attributeValue": "string", + "dictionaryName": "string", + "dictionaryValue": "string", + "operator": "string", + "children": [ + { + "conditionType": "string", + "isNegate": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + } + } + ], + "datesRange": { + "endDate": "string", + "startDate": "string" + }, + "datesRangeException": { + "endDate": "string", + "startDate": "string" + }, + "hoursRange": { + "endTime": "string", + "startTime": "string" + }, + "hoursRangeException": { + "endTime": "string", + "startTime": "string" + }, + "weekDays": [ + "string" + ], + "weekDaysException": [ + "string" + ] + }, + "default": true, + "description": "string", + "hitCounts": 0, + "id": "string", + "isProxy": true, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "name": "string", + "rank": 0, + "serviceName": "string", + "state": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_reset_hitcount.py b/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_reset_hitcount.py new file mode 100644 index 00000000..66f6b6ca --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_policy_set_reset_hitcount.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_policy_set_reset_hitcount +short_description: Resource module for Network Access Policy Set Reset Hitcount +description: +- Manage operation create of the resource Network Access Policy Set Reset Hitcount. +- Network Access - Reset HitCount for PolicySets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Policy Set + description: Complete reference of the Network Access - Policy Set API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_policy_set.NetworkAccessPolicySet.reset_hit_counts_network_access_policy_sets, + + - Paths used are + post /network-access/policy-set/reset-hitcount, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_policy_set_reset_hitcount: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_profiles_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_profiles_info.py new file mode 100644 index 00000000..74a8ea78 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_profiles_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_profiles_info +short_description: Information module for Network Access Profiles +description: +- Get all Network Access Profiles. +- Network Access - Returns list of authorization profiles. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Profiles + description: Complete reference of the Network Access - Profiles API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_profiles.NetworkAccessProfiles.get_network_access_profiles, + + - Paths used are + get /network-access/authorization-profiles, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Profiles + cisco.ise.network_access_profiles_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_security_groups_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_security_groups_info.py new file mode 100644 index 00000000..660fab70 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_security_groups_info.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_security_groups_info +short_description: Information module for Network Access Security Groups +description: +- Get all Network Access Security Groups. +- Network Access - Return list of available security groups for authorization. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Security Groups + description: Complete reference of the Network Access - Security Groups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_security_groups.NetworkAccessSecurityGroups.get_network_access_security_groups, + + - Paths used are + get /network-access/security-groups, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Security Groups + cisco.ise.network_access_security_groups_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_service_name_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_service_name_info.py new file mode 100644 index 00000000..3bcb433a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_service_name_info.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_service_name_info +short_description: Information module for Network Access Service Name +description: +- Get all Network Access Service Name. +- Returns list of Allowed Protocols and Server Sequences for Network Access. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Service Names + description: Complete reference of the Network Access - Service Names API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_service_names.NetworkAccessServiceNames.get_network_access_service_names, + + - Paths used are + get /network-access/service-names, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Service Name + cisco.ise.network_access_service_name_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "isLocalAuthorization": true, + "name": "string", + "serviceType": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions.py b/ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions.py new file mode 100644 index 00000000..15d98144 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions.py @@ -0,0 +1,299 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_time_date_conditions +short_description: Resource module for Network Access Time Date Conditions +description: +- Manage operations create, update and delete of the resource Network Access Time Date Conditions. +- Network Access - Creates time/date condition. +- Network Access - Delete Time/Date condition. +- Network Access - Update network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + attributeName: + description: Dictionary attribute name. + type: str + attributeValue: + description: <ul><li>Attribute value for condition</li> <li>Value type is specified + in dictionary object</li> <li>if multiple values allowed is specified in dictionary + object</li></ul>. + type: str + children: + description: In case type is andBlock or orBlock addtional conditions will be aggregated + under this logical (OR/AND) condition. + elements: dict + suboptions: + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) + indicates than "conditonId" OR "ConditionAttrs" fields should contain condition + data but not both</li> <li>Logical aggreation(and,or) enum indicates that + additional conditions are present under the children field</li></ul>. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Time Date Conditions's link. + suboptions: + href: + description: Network Access Time Date Conditions's href. + type: str + rel: + description: Network Access Time Date Conditions's rel. + type: str + type: + description: Network Access Time Date Conditions's type. + type: str + type: dict + type: list + conditionType: + description: <ul><li>Inidicates whether the record is the condition itself(data) + or a logical(or,and) aggregation</li> <li>Data type enum(reference,single) indicates + than "conditonId" OR "ConditionAttrs" fields should contain condition data but + not both</li> <li>Logical aggreation(and,or) enum indicates that additional conditions + are present under the children field</li></ul>. + type: str + datesRange: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used for + start/end date <br> Default - no specific dates<br> In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)</p>. + suboptions: + endDate: + description: Network Access Time Date Conditions's endDate. + type: str + startDate: + description: Network Access Time Date Conditions's startDate. + type: str + type: dict + datesRangeException: + description: <p>Defines for which date/s TimeAndDate condition will be matched<br> + Options are - Date range, for specific date, the same date should be used for + start/end date <br> Default - no specific dates<br> In order to reset the dates + to have no specific dates Date format - yyyy-mm-dd (MM = month, dd = day, yyyy + = year)</p>. + suboptions: + endDate: + description: Network Access Time Date Conditions's endDate. + type: str + startDate: + description: Network Access Time Date Conditions's startDate. + type: str + type: dict + description: + description: Condition description. + type: str + dictionaryName: + description: Dictionary name. + type: str + dictionaryValue: + description: Dictionary value. + type: str + hoursRange: + description: <p>Defines for which hours a TimeAndDate condition will be matched<br> + Time format - hh mm ( h = hour , mm = minutes ) <br> Default - All Day </p>. + suboptions: + endTime: + description: Network Access Time Date Conditions's endTime. + type: str + startTime: + description: Network Access Time Date Conditions's startTime. + type: str + type: dict + hoursRangeException: + description: <p>Defines for which hours a TimeAndDate condition will be matched<br> + Time format - hh mm ( h = hour , mm = minutes ) <br> Default - All Day </p>. + suboptions: + endTime: + description: Network Access Time Date Conditions's endTime. + type: str + startTime: + description: Network Access Time Date Conditions's startTime. + type: str + type: dict + id: + description: Network Access Time Date Conditions's id. + type: str + isNegate: + description: Indicates whereas this condition is in negate mode. + type: bool + link: + description: Network Access Time Date Conditions's link. + suboptions: + href: + description: Network Access Time Date Conditions's href. + type: str + rel: + description: Network Access Time Date Conditions's rel. + type: str + type: + description: Network Access Time Date Conditions's type. + type: str + type: dict + name: + description: Condition name. + type: str + operator: + description: Equality operator. + type: str + weekDays: + description: <p>Defines for which days this condition will be matched<br> Days format + - Arrays of WeekDay enums <br> Default - List of All week days</p>. + elements: str + type: list + weekDaysException: + description: <p>Defines for which days this condition will NOT be matched<br> Days + format - Arrays of WeekDay enums <br> Default - Not enabled</p>. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Time/Date Conditions + description: Complete reference of the Network Access - Time/Date Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_time_date_conditions.NetworkAccessTimeDateConditions.create_network_access_time_condition, + network_access_time_date_conditions.NetworkAccessTimeDateConditions.delete_network_access_time_condition_by_id, + network_access_time_date_conditions.NetworkAccessTimeDateConditions.update_network_access_time_condition_by_id, + + - Paths used are + post /network-access/time-condition, + delete /network-access/time-condition/{id}, + put /network-access/time-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.network_access_time_date_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Update by id + cisco.ise.network_access_time_date_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + attributeName: string + attributeValue: string + children: + - conditionType: string + isNegate: true + link: + href: string + rel: string + type: string + conditionType: string + datesRange: + endDate: string + startDate: string + datesRangeException: + endDate: string + startDate: string + description: string + dictionaryName: string + dictionaryValue: string + hoursRange: + endTime: string + startTime: string + hoursRangeException: + endTime: string + startTime: string + id: string + isNegate: true + link: + href: string + rel: string + type: string + name: string + operator: string + weekDays: + - string + weekDaysException: + - string + +- name: Delete by id + cisco.ise.network_access_time_date_conditions: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": {}, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions_info.py b/ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions_info.py new file mode 100644 index 00000000..aa22bfe9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_access_time_date_conditions_info.py @@ -0,0 +1,70 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_access_time_date_conditions_info +short_description: Information module for Network Access Time Date Conditions +description: +- Get all Network Access Time Date Conditions. +- Get Network Access Time Date Conditions by id. +- Network Access - Returns a list of time and date conditions. +- Network Access - returns a network condition. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. Condition id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Network Access - Time/Date Conditions + description: Complete reference of the Network Access - Time/Date Conditions API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!policy-openapi +notes: + - SDK Method used are + network_access_time_date_conditions.NetworkAccessTimeDateConditions.get_network_access_time_condition_by_id, + network_access_time_date_conditions.NetworkAccessTimeDateConditions.get_network_access_time_conditions, + + - Paths used are + get /network-access/time-condition, + get /network-access/time-condition/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Access Time Date Conditions + cisco.ise.network_access_time_date_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Network Access Time Date Conditions by id + cisco.ise.network_access_time_date_conditions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_device.py b/ansible_collections/cisco/ise/plugins/modules/network_device.py new file mode 100644 index 00000000..57a20dad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_device.py @@ -0,0 +1,518 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_device +short_description: Resource module for Network Device +description: +- Manage operations create, update and delete of the resource Network Device. +- This API creates a network device. +- This API deletes a network device by ID. +- This API deletes a network device by name. +- This API allows the client to update a network device by ID. +- This API allows the client to update a network device by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + NetworkDeviceGroupList: + description: List of Network Device Group names for this node. + elements: str + type: list + NetworkDeviceIPList: + description: List of IP Subnets for this node. + elements: dict + suboptions: + getIpaddressExclude: + description: It can be either single IP address or IP range address. + type: str + ipaddress: + description: Network Device's ipaddress. + type: str + mask: + description: Network Device's mask. + type: int + type: list + authenticationSettings: + description: Network Device's authenticationSettings. + suboptions: + dtlsRequired: + description: This value enforces use of dtls. + type: bool + enableKeyWrap: + description: EnableKeyWrap flag. + type: bool + enableMultiSecret: + description: Network Device's enableMultiSecret. + type: str + enabled: + description: Enabled flag. + type: bool + keyEncryptionKey: + description: Network Device's keyEncryptionKey. + type: str + keyInputFormat: + description: Allowed values - ASCII, - HEXADECIMAL. + type: str + messageAuthenticatorCodeKey: + description: Network Device's messageAuthenticatorCodeKey. + type: str + networkProtocol: + description: Allowed values - RADIUS, - TACACS_PLUS. + type: str + radiusSharedSecret: + description: Network Device's radiusSharedSecret. + type: str + secondRADIUSSharedSecret: + description: Network Device's secondRADIUSSharedSecret. + type: str + type: dict + coaPort: + description: Network Device's coaPort. + type: int + description: + description: Network Device's description. + type: str + dtlsDnsName: + description: This value is used to verify the client identity contained in the X.509 + RADIUS/DTLS client certificate. + type: str + id: + description: Network Device's id. + type: str + modelName: + description: Network Device's modelName. + type: str + name: + description: Network Device's name. + type: str + profileName: + description: Network Device's profileName. + type: str + snmpsettings: + description: Network Device's snmpsettings. + suboptions: + linkTrapQuery: + description: LinkTrapQuery flag. + type: bool + macTrapQuery: + description: MacTrapQuery flag. + type: bool + originatingPolicyServicesNode: + description: Network Device's originatingPolicyServicesNode. + type: str + pollingInterval: + description: Network Device's pollingInterval. + type: int + roCommunity: + description: Network Device's roCommunity. + type: str + version: + description: Network Device's version. + type: str + type: dict + softwareVersion: + description: Network Device's softwareVersion. + type: str + tacacsSettings: + description: Network Device's tacacsSettings. + suboptions: + connectModeOptions: + description: Allowed values - OFF, - ON_LEGACY, - ON_DRAFT_COMPLIANT. + type: str + sharedSecret: + description: Network Device's sharedSecret. + type: str + type: dict + trustsecsettings: + description: Network Device's trustsecsettings. + suboptions: + deviceAuthenticationSettings: + description: Network Device's deviceAuthenticationSettings. + suboptions: + sgaDeviceId: + description: Network Device's sgaDeviceId. + type: str + sgaDevicePassword: + description: Network Device's sgaDevicePassword. + type: str + type: dict + deviceConfigurationDeployment: + description: Network Device's deviceConfigurationDeployment. + suboptions: + enableModePassword: + description: Network Device's enableModePassword. + type: str + execModePassword: + description: Network Device's execModePassword. + type: str + execModeUsername: + description: Network Device's execModeUsername. + type: str + includeWhenDeployingSGTUpdates: + description: IncludeWhenDeployingSGTUpdates flag. + type: bool + type: dict + pushIdSupport: + description: PushIdSupport flag. + type: bool + sgaNotificationAndUpdates: + description: Network Device's sgaNotificationAndUpdates. + suboptions: + coaSourceHost: + description: Network Device's coaSourceHost. + type: str + downlaodEnvironmentDataEveryXSeconds: + description: Network Device's downlaodEnvironmentDataEveryXSeconds. + type: int + downlaodPeerAuthorizationPolicyEveryXSeconds: + description: Network Device's downlaodPeerAuthorizationPolicyEveryXSeconds. + type: int + downloadSGACLListsEveryXSeconds: + description: Network Device's downloadSGACLListsEveryXSeconds. + type: int + otherSGADevicesToTrustThisDevice: + description: OtherSGADevicesToTrustThisDevice flag. + type: bool + reAuthenticationEveryXSeconds: + description: Network Device's reAuthenticationEveryXSeconds. + type: int + sendConfigurationToDevice: + description: SendConfigurationToDevice flag. + type: bool + sendConfigurationToDeviceUsing: + description: Allowed values - ENABLE_USING_COA, - ENABLE_USING_CLI, - DISABLE_ALL. + type: str + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + network_device.NetworkDevice.create_network_device, + network_device.NetworkDevice.delete_network_device_by_id, + network_device.NetworkDevice.delete_network_device_by_name, + network_device.NetworkDevice.update_network_device_by_id, + network_device.NetworkDevice.update_network_device_by_name, + + - Paths used are + post /ers/config/networkdevice, + delete /ers/config/networkdevice/name/{name}, + delete /ers/config/networkdevice/{id}, + put /ers/config/networkdevice/name/{name}, + put /ers/config/networkdevice/{id}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.network_device: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + NetworkDeviceGroupList: + - string + NetworkDeviceIPList: + - getIpaddressExclude: string + ipaddress: string + mask: 0 + authenticationSettings: + dtlsRequired: true + enableKeyWrap: true + enableMultiSecret: string + enabled: true + keyEncryptionKey: string + keyInputFormat: string + messageAuthenticatorCodeKey: string + networkProtocol: string + radiusSharedSecret: string + secondRadiusSharedSecret: string + coaPort: 0 + description: string + dtlsDnsName: string + id: string + modelName: string + name: string + profileName: string + snmpsettings: + linkTrapQuery: true + macTrapQuery: true + originatingPolicyServicesNode: string + pollingInterval: 0 + roCommunity: string + version: string + softwareVersion: string + tacacsSettings: + connectModeOptions: string + sharedSecret: string + trustsecsettings: + deviceAuthenticationSettings: + sgaDeviceId: string + sgaDevicePassword: string + deviceConfigurationDeployment: + enableModePassword: string + execModePassword: string + execModeUsername: string + includeWhenDeployingSGTUpdates: true + pushIdSupport: true + sgaNotificationAndUpdates: + coaSourceHost: string + downlaodEnvironmentDataEveryXSeconds: 0 + downlaodPeerAuthorizationPolicyEveryXSeconds: 0 + downloadSGACLListsEveryXSeconds: 0 + otherSGADevicesToTrustThisDevice: true + reAuthenticationEveryXSeconds: 0 + sendConfigurationToDevice: true + sendConfigurationToDeviceUsing: string + +- name: Delete by name + cisco.ise.network_device: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +- name: Update by id + cisco.ise.network_device: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + NetworkDeviceGroupList: + - string + NetworkDeviceIPList: + - getIpaddressExclude: string + ipaddress: string + mask: 0 + authenticationSettings: + dtlsRequired: true + enableKeyWrap: true + enableMultiSecret: string + enabled: true + keyEncryptionKey: string + keyInputFormat: string + messageAuthenticatorCodeKey: string + networkProtocol: string + radiusSharedSecret: string + secondRadiusSharedSecret: string + coaPort: 0 + description: string + dtlsDnsName: string + id: string + modelName: string + name: string + profileName: string + snmpsettings: + linkTrapQuery: true + macTrapQuery: true + originatingPolicyServicesNode: string + pollingInterval: 0 + roCommunity: string + version: string + softwareVersion: string + tacacsSettings: + connectModeOptions: string + sharedSecret: string + trustsecsettings: + deviceAuthenticationSettings: + sgaDeviceId: string + sgaDevicePassword: string + deviceConfigurationDeployment: + enableModePassword: string + execModePassword: string + execModeUsername: string + includeWhenDeployingSGTUpdates: true + pushIdSupport: true + sgaNotificationAndUpdates: + coaSourceHost: string + downlaodEnvironmentDataEveryXSeconds: 0 + downlaodPeerAuthorizationPolicyEveryXSeconds: 0 + downloadSGACLListsEveryXSeconds: 0 + otherSGADevicesToTrustThisDevice: true + reAuthenticationEveryXSeconds: 0 + sendConfigurationToDevice: true + sendConfigurationToDeviceUsing: string + +- name: Delete by id + cisco.ise.network_device: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.network_device: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + NetworkDeviceGroupList: + - string + NetworkDeviceIPList: + - getIpaddressExclude: string + ipaddress: string + mask: 0 + authenticationSettings: + dtlsRequired: true + enableKeyWrap: true + enableMultiSecret: string + enabled: true + keyEncryptionKey: string + keyInputFormat: string + messageAuthenticatorCodeKey: string + networkProtocol: string + radiusSharedSecret: string + secondRadiusSharedSecret: string + coaPort: 0 + description: string + dtlsDnsName: string + modelName: string + name: string + profileName: string + snmpsettings: + linkTrapQuery: true + macTrapQuery: true + originatingPolicyServicesNode: string + pollingInterval: 0 + roCommunity: string + version: string + softwareVersion: string + tacacsSettings: + connectModeOptions: string + sharedSecret: string + trustsecsettings: + deviceAuthenticationSettings: + sgaDeviceId: string + sgaDevicePassword: string + deviceConfigurationDeployment: + enableModePassword: string + execModePassword: string + execModeUsername: string + includeWhenDeployingSGTUpdates: true + pushIdSupport: true + sgaNotificationAndUpdates: + coaSourceHost: string + downlaodEnvironmentDataEveryXSeconds: 0 + downlaodPeerAuthorizationPolicyEveryXSeconds: 0 + downloadSGACLListsEveryXSeconds: 0 + otherSGADevicesToTrustThisDevice: true + reAuthenticationEveryXSeconds: 0 + sendConfigurationToDevice: true + sendConfigurationToDeviceUsing: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "authenticationSettings": { + "networkProtocol": "string", + "secondRadiusSharedSecret": "string", + "radiusSharedSecret": "string", + "enableKeyWrap": true, + "enabled": true, + "dtlsRequired": true, + "enableMultiSecret": "string", + "keyEncryptionKey": "string", + "messageAuthenticatorCodeKey": "string", + "keyInputFormat": "string" + }, + "snmpsettings": { + "version": "string", + "roCommunity": "string", + "pollingInterval": 0, + "linkTrapQuery": true, + "macTrapQuery": true, + "originatingPolicyServicesNode": "string" + }, + "trustsecsettings": { + "deviceAuthenticationSettings": { + "sgaDeviceId": "string", + "sgaDevicePassword": "string" + }, + "sgaNotificationAndUpdates": { + "downlaodEnvironmentDataEveryXSeconds": 0, + "downlaodPeerAuthorizationPolicyEveryXSeconds": 0, + "reAuthenticationEveryXSeconds": 0, + "downloadSGACLListsEveryXSeconds": 0, + "otherSGADevicesToTrustThisDevice": true, + "sendConfigurationToDevice": true, + "sendConfigurationToDeviceUsing": "string", + "coaSourceHost": "string" + }, + "deviceConfigurationDeployment": { + "includeWhenDeployingSGTUpdates": true, + "enableModePassword": "string", + "execModePassword": "string", + "execModeUsername": "string" + }, + "pushIdSupport": true + }, + "tacacsSettings": { + "sharedSecret": "string", + "connectModeOptions": "string" + }, + "profileName": "string", + "coaPort": 0, + "dtlsDnsName": "string", + "modelName": "string", + "softwareVersion": "string", + "NetworkDeviceIPList": [ + { + "ipaddress": "string", + "mask": 0, + "getIpaddressExclude": "string" + } + ], + "NetworkDeviceGroupList": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_device_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/network_device_bulk_monitor_status_info.py new file mode 100644 index 00000000..7f885031 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_device_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_device_bulk_monitor_status_info +short_description: Information module for Network Device Bulk Monitor Status +description: +- Get Network Device Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + network_device.NetworkDevice.monitor_bulk_status_network_device, + + - Paths used are + get /ers/config/networkdevice/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get Network Device Bulk Monitor Status by id + cisco.ise.network_device_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_device_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/network_device_bulk_request.py new file mode 100644 index 00000000..0489df3c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_device_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_device_bulk_request +short_description: Resource module for Network Device Bulk Request +description: +- Manage operation update of the resource Network Device Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: Network Device Bulk Request's operationType. + type: str + resourceMediaType: + description: Network Device Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + network_device.NetworkDevice.bulk_request_for_network_device, + + - Paths used are + put /ers/config/networkdevice/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.network_device_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_device_group.py b/ansible_collections/cisco/ise/plugins/modules/network_device_group.py new file mode 100644 index 00000000..12515718 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_device_group.py @@ -0,0 +1,122 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_device_group +short_description: Resource module for Network Device Group +description: +- Manage operations create, update and delete of the resource Network Device Group. +- This API creates a network device group. +- This API deletes a network device group. +- This API allows the client to update a network device group. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Network Device Group's description. + type: str + id: + description: Network Device Group's id. + type: str + name: + description: Network Device Group's name. + type: str + othername: + description: Network Device Group's othername. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + network_device_group.NetworkDeviceGroup.create_network_device_group, + network_device_group.NetworkDeviceGroup.delete_network_device_group_by_id, + network_device_group.NetworkDeviceGroup.update_network_device_group_by_id, + + - Paths used are + post /ers/config/networkdevicegroup, + delete /ers/config/networkdevicegroup/{id}, + put /ers/config/networkdevicegroup/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.network_device_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + othername: string + +- name: Delete by id + cisco.ise.network_device_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.network_device_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + name: string + othername: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + }, + "othername": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_device_group_info.py b/ansible_collections/cisco/ise/plugins/modules/network_device_group_info.py new file mode 100644 index 00000000..f729d6e4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_device_group_info.py @@ -0,0 +1,164 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_device_group_info +short_description: Information module for Network Device Group +description: +- Get all Network Device Group. +- Get Network Device Group by id. +- Get Network Device Group by name. +- This API allows the client to get a network device group by ID. +- This API allows the client to get a network device group by name. +- This API allows the client to get all the network device groups. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - > + Name path parameter. Colon is used as a separator instead of (#) in the NDG name. For example, if the name + is a#b#c it should appear in the request URL as a b c. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + network_device_group.NetworkDeviceGroup.get_network_device_group_by_id, + network_device_group.NetworkDeviceGroup.get_network_device_group_by_name, + network_device_group.NetworkDeviceGroup.get_network_device_group_generator, + + - Paths used are + get /ers/config/networkdevicegroup, + get /ers/config/networkdevicegroup/name/{name}, + get /ers/config/networkdevicegroup/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Device Group + cisco.ise.network_device_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Network Device Group by id + cisco.ise.network_device_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Network Device Group by name + cisco.ise.network_device_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + }, + "othername": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + }, + "othername": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/network_device_info.py b/ansible_collections/cisco/ise/plugins/modules/network_device_info.py new file mode 100644 index 00000000..95ef6fce --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/network_device_info.py @@ -0,0 +1,284 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: network_device_info +short_description: Information module for Network Device +description: +- Get all Network Device. +- Get Network Device by id. +- Get Network Device by name. +- This API allows the client to get a network device by ID. +- This API allows the client to get a network device by name. +- This API allows the client to get all the network devices. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + network_device.NetworkDevice.get_network_device_by_id, + network_device.NetworkDevice.get_network_device_by_name, + network_device.NetworkDevice.get_network_device_generator, + + - Paths used are + get /ers/config/networkdevice, + get /ers/config/networkdevice/name/{name}, + get /ers/config/networkdevice/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Network Device + cisco.ise.network_device_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Network Device by id + cisco.ise.network_device_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Network Device by name + cisco.ise.network_device_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "authenticationSettings": { + "networkProtocol": "string", + "secondRadiusSharedSecret": "string", + "radiusSharedSecret": "string", + "enableKeyWrap": true, + "enabled": true, + "dtlsRequired": true, + "enableMultiSecret": "string", + "keyEncryptionKey": "string", + "messageAuthenticatorCodeKey": "string", + "keyInputFormat": "string" + }, + "snmpsettings": { + "version": "string", + "roCommunity": "string", + "pollingInterval": 0, + "linkTrapQuery": true, + "macTrapQuery": true, + "originatingPolicyServicesNode": "string" + }, + "trustsecsettings": { + "deviceAuthenticationSettings": { + "sgaDeviceId": "string", + "sgaDevicePassword": "string" + }, + "sgaNotificationAndUpdates": { + "downlaodEnvironmentDataEveryXSeconds": 0, + "downlaodPeerAuthorizationPolicyEveryXSeconds": 0, + "reAuthenticationEveryXSeconds": 0, + "downloadSGACLListsEveryXSeconds": 0, + "otherSGADevicesToTrustThisDevice": true, + "sendConfigurationToDevice": true, + "sendConfigurationToDeviceUsing": "string", + "coaSourceHost": "string" + }, + "deviceConfigurationDeployment": { + "includeWhenDeployingSGTUpdates": true, + "enableModePassword": "string", + "execModePassword": "string", + "execModeUsername": "string" + }, + "pushIdSupport": true + }, + "tacacsSettings": { + "sharedSecret": "string", + "connectModeOptions": "string" + }, + "profileName": "string", + "coaPort": 0, + "dtlsDnsName": "string", + "modelName": "string", + "softwareVersion": "string", + "NetworkDeviceIPList": [ + { + "ipaddress": "string", + "mask": 0, + "getIpaddressExclude": "string" + } + ], + "NetworkDeviceGroupList": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "authenticationSettings": { + "networkProtocol": "string", + "secondRadiusSharedSecret": "string", + "radiusSharedSecret": "string", + "enableKeyWrap": true, + "enabled": true, + "dtlsRequired": true, + "enableMultiSecret": "string", + "keyEncryptionKey": "string", + "messageAuthenticatorCodeKey": "string", + "keyInputFormat": "string" + }, + "snmpsettings": { + "version": "string", + "roCommunity": "string", + "pollingInterval": 0, + "linkTrapQuery": true, + "macTrapQuery": true, + "originatingPolicyServicesNode": "string" + }, + "trustsecsettings": { + "deviceAuthenticationSettings": { + "sgaDeviceId": "string", + "sgaDevicePassword": "string" + }, + "sgaNotificationAndUpdates": { + "downlaodEnvironmentDataEveryXSeconds": 0, + "downlaodPeerAuthorizationPolicyEveryXSeconds": 0, + "reAuthenticationEveryXSeconds": 0, + "downloadSGACLListsEveryXSeconds": 0, + "otherSGADevicesToTrustThisDevice": true, + "sendConfigurationToDevice": true, + "sendConfigurationToDeviceUsing": "string", + "coaSourceHost": "string" + }, + "deviceConfigurationDeployment": { + "includeWhenDeployingSGTUpdates": true, + "enableModePassword": "string", + "execModePassword": "string", + "execModeUsername": "string" + }, + "pushIdSupport": true + }, + "tacacsSettings": { + "sharedSecret": "string", + "connectModeOptions": "string" + }, + "profileName": "string", + "coaPort": 0, + "dtlsDnsName": "string", + "modelName": "string", + "softwareVersion": "string", + "NetworkDeviceIPList": [ + { + "ipaddress": "string", + "mask": 0, + "getIpaddressExclude": "string" + } + ], + "NetworkDeviceGroupList": [ + "string" + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_deployment.py b/ansible_collections/cisco/ise/plugins/modules/node_deployment.py new file mode 100644 index 00000000..4af07b07 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_deployment.py @@ -0,0 +1,136 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_deployment +short_description: Resource module for Node Deployment +description: +- Manage operations create, update and delete of the resource Node Deployment. +- This API registers a Cisco ISE node to form a multi-node deployment. +- The deregistered node becomes a standalone Cisco ISE node. +- This API updates the configuration of the Cisco ISE node with the. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowCertImport: + description: Consent to import the self-signed certificate of the registering node. + type: bool + fqdn: + description: Node Deployment's fqdn. + type: str + hostname: + description: Hostname path parameter. Hostname of the deployed node. + type: str + password: + description: Node Deployment's password. + type: str + roles: + description: Roles can be empty or have many values for a node. + elements: str + type: list + services: + description: Services can be empty or have many values for a node. + elements: str + type: list + userName: + description: Node Deployment's userName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Deployment + description: Complete reference of the Node Deployment API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_deployment.NodeDeployment.delete_node, + node_deployment.NodeDeployment.register_node, + node_deployment.NodeDeployment.update_node, + + - Paths used are + post /api/v1/deployment/node, + delete /api/v1/deployment/node/{hostname}, + put /api/v1/deployment/node/{hostname}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_deployment: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + allowCertImport: true + fqdn: string + password: string + roles: + - string + services: + - string + userName: string + +- name: Update by name + cisco.ise.node_deployment: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + hostname: string + roles: + - string + services: + - string + +- name: Delete by name + cisco.ise.node_deployment: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "fqdn": "string", + "hostname": "string", + "ipAddress": "string", + "nodeStatus": "string", + "roles": [ + "string" + ], + "services": [ + "string" + ] + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_deployment_info.py b/ansible_collections/cisco/ise/plugins/modules/node_deployment_info.py new file mode 100644 index 00000000..76363516 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_deployment_info.py @@ -0,0 +1,109 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_deployment_info +short_description: Information module for Node Deployment +description: +- Get all Node Deployment. +- Get Node Deployment by name. +- The API lists all the nodes that are deployed in the cluster. +- This API retrieves detailed information of the deployed node. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** is available through the filter query string + parameter. The structure of a filter is a triplet of field operator and value, separated by dots. More than + one filter can be sent. The logical operator common to all filter criteria is AND by default, and can be + changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to all filter criteria is AND by default, and can be + changed by using this parameter. + type: str + hostname: + description: + - Hostname path parameter. Hostname of the deployed node. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Deployment + description: Complete reference of the Node Deployment API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_deployment.NodeDeployment.get_node_details, + node_deployment.NodeDeployment.get_nodes, + + - Paths used are + get /api/v1/deployment/node, + get /api/v1/deployment/node/{hostname}, + +""" + +EXAMPLES = r""" +- name: Get all Node Deployment + cisco.ise.node_deployment_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + filter: [] + filterType: string + register: result + +- name: Get Node Deployment by name + cisco.ise.node_deployment_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "fqdn": "string", + "hostname": "string", + "ipAddress": "string", + "nodeStatus": "string", + "roles": [ + "string" + ], + "services": [ + "string" + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_deployment_sync.py b/ansible_collections/cisco/ise/plugins/modules/node_deployment_sync.py new file mode 100644 index 00000000..5d3d60c9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_deployment_sync.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_deployment_sync +short_description: Resource module for Node Deployment Sync +description: +- Manage operation create of the resource Node Deployment Sync. +- Performing a manual synchronization involves a reload of the target node, but. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Hostname path parameter. Hostname of the node. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Deployment + description: Complete reference of the Node Deployment API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_deployment.NodeDeployment.sync_node, + + - Paths used are + post /api/v1/deployment/sync-node/{hostname}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_deployment_sync: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_group.py b/ansible_collections/cisco/ise/plugins/modules/node_group.py new file mode 100644 index 00000000..8e28165f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_group.py @@ -0,0 +1,147 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_group +short_description: Resource module for Node Group +description: +- Manage operations create, update and delete of the resource Node Group. +- This API creates a node group in the cluster. A node group is a group of PSNs,. +- Delete an existing node group in the cluster. Deleting the node group does not delete the nodes, but failover is no longer carried out among the nodes. +- Purpose of this API is to update an existing node group. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Node Group's description. + type: str + forceDelete: + description: ForceDelete query parameter. Force delete the group even if the node + group contains one or more nodes. + type: bool + marCache: + description: Node Group's marCache. + suboptions: + query-attempts: + description: The number of times Cisco ISE attempts to perform the cache entry + query. (0 - 5). + type: int + query-timeout: + description: The time, in seconds, after which the cache entry query times out. + (1 - 10). + type: int + replication-attempts: + description: The number of times Cisco ISE attempts to perform MAR cache entry + replication. (0 - 5). + type: int + replication-timeout: + description: The time, in seconds, after which the cache entry replication times + out. (1 - 10). + type: int + type: dict + name: + description: Node Group's name. + type: str + nodeGroupName: + description: NodeGroupName path parameter. Name of the existing node group. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Group + description: Complete reference of the Node Group API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_group.NodeGroup.create_node_group, + node_group.NodeGroup.delete_node_group, + node_group.NodeGroup.update_node_group, + + - Paths used are + post /api/v1/deployment/node-group, + delete /api/v1/deployment/node-group/{nodeGroupName}, + put /api/v1/deployment/node-group/{nodeGroupName}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + marCache: + query-attempts: 0 + query-timeout: 0 + replication-attempts: 0 + replication-timeout: 0 + name: string + +- name: Update by name + cisco.ise.node_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + marCache: + query-attempts: 0 + query-timeout: 0 + replication-attempts: 0 + replication-timeout: 0 + name: string + nodeGroupName: string + +- name: Delete by name + cisco.ise.node_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + forceDelete: true + nodeGroupName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "description": "string", + "marCache": { + "query-attempts": 0, + "query-timeout": 0, + "replication-attempts": 0, + "replication-timeout": 0 + }, + "name": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_group_info.py b/ansible_collections/cisco/ise/plugins/modules/node_group_info.py new file mode 100644 index 00000000..ee2f50ae --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_group_info.py @@ -0,0 +1,79 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_group_info +short_description: Information module for Node Group +description: +- Get all Node Group. +- Get Node Group by name. +- This API retrieves the details of a node group in the cluster using a node group name. +- This API retrieves the details of all the node groups in the cluster. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + nodeGroupName: + description: + - NodeGroupName path parameter. Name of the existing node group. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Group + description: Complete reference of the Node Group API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_group.NodeGroup.get_node_group, + node_group.NodeGroup.get_node_groups, + + - Paths used are + get /api/v1/deployment/node-group, + get /api/v1/deployment/node-group/{nodeGroupName}, + +""" + +EXAMPLES = r""" +- name: Get all Node Group + cisco.ise.node_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Node Group by name + cisco.ise.node_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + nodeGroupName: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "description": "string", + "marCache": { + "query-attempts": 0, + "query-timeout": 0, + "replication-attempts": 0, + "replication-timeout": 0 + }, + "name": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_group_node_create.py b/ansible_collections/cisco/ise/plugins/modules/node_group_node_create.py new file mode 100644 index 00000000..f57f5233 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_group_node_create.py @@ -0,0 +1,65 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_group_node_create +short_description: Resource module for Node Group Node Create +description: +- Manage operation create of the resource Node Group Node Create. +- This API adds a node to the node group in the cluster. When a node that. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Node Group Node Create's hostname. + type: str + nodeGroupName: + description: NodeGroupName path parameter. Name of the existing node group. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Group + description: Complete reference of the Node Group API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_group.NodeGroup.add_node, + + - Paths used are + post /api/v1/deployment/node-group/{nodeGroupName}/add-node, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_group_node_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + nodeGroupName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_group_node_delete.py b/ansible_collections/cisco/ise/plugins/modules/node_group_node_delete.py new file mode 100644 index 00000000..0097d0c8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_group_node_delete.py @@ -0,0 +1,65 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_group_node_delete +short_description: Resource module for Node Group Node Delete +description: +- Manage operation create of the resource Node Group Node Delete. +- Purpose of this API is to remove a node from a node group in the cluster. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Node Group Node Delete's hostname. + type: str + nodeGroupName: + description: NodeGroupName path parameter. Name of the existing node group. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Group + description: Complete reference of the Node Group API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_group.NodeGroup.remove_node, + + - Paths used are + post /api/v1/deployment/node-group/{nodeGroupName}/remove-node, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_group_node_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + nodeGroupName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_group_node_info.py b/ansible_collections/cisco/ise/plugins/modules/node_group_node_info.py new file mode 100644 index 00000000..46ed0b9e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_group_node_info.py @@ -0,0 +1,63 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_group_node_info +short_description: Information module for Node Group Node +description: +- Get all Node Group Node. +- This API retrieves the list of nodes associated with a node group in the cluster with a given node group name. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + nodeGroupName: + description: + - NodeGroupName path parameter. Name of the existing node group. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Group + description: Complete reference of the Node Group API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_group.NodeGroup.get_nodes, + + - Paths used are + get /api/v1/deployment/node-group/{nodeGroupName}/node, + +""" + +EXAMPLES = r""" +- name: Get all Node Group Node + cisco.ise.node_group_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + nodeGroupName: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "hostname": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_info.py b/ansible_collections/cisco/ise/plugins/modules/node_info.py new file mode 100644 index 00000000..e0ca4751 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_info.py @@ -0,0 +1,184 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_info +short_description: Information module for Node +description: +- Get all Node. +- Get Node by id. +- Get Node by name. +- This API allows the client to get all the node details. +- This API allows the client to get node details by ID. +- This API allows the client to get node details by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for NodeDetails + description: Complete reference of the NodeDetails API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!node +notes: + - SDK Method used are + node_details.NodeDetails.get_node_detail_by_id, + node_details.NodeDetails.get_node_detail_by_name, + node_details.NodeDetails.get_node_details_generator, + + - Paths used are + get /ers/config/node, + get /ers/config/node/name/{name}, + get /ers/config/node/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Node + cisco.ise.node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + filter: [] + filterType: AND + register: result + +- name: Get Node by id + cisco.ise.node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Node by name + cisco.ise.node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "gateWay": "string", + "userName": "string", + "passWord": "string", + "displayName": "string", + "inDeployment": true, + "otherPapFqdn": "string", + "ipAddresses": [ + "string" + ], + "ipAddress": "string", + "sxpIpAddress": "string", + "nodeServiceTypes": "string", + "fqdn": "string", + "papNode": true, + "primaryPapNode": true, + "pxGridNode": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "gateWay": "string", + "userName": "string", + "passWord": "string", + "displayName": "string", + "inDeployment": true, + "otherPapFqdn": "string", + "ipAddresses": [ + "string" + ], + "ipAddress": "string", + "sxpIpAddress": "string", + "nodeServiceTypes": "string", + "fqdn": "string", + "papNode": true, + "primaryPapNode": true, + "pxGridNode": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_primary_to_standalone.py b/ansible_collections/cisco/ise/plugins/modules/node_primary_to_standalone.py new file mode 100644 index 00000000..e83c1922 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_primary_to_standalone.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_primary_to_standalone +short_description: Resource module for Node Primary To Standalone +description: +- Manage operation create of the resource Node Primary To Standalone. +- This API changes the primary PAN in a single node cluster on which the API is invoked, to a standalone node. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Hostname path parameter. Hostname of the node. + type: str + required: true +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Deployment + description: Complete reference of the Node Deployment API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_deployment.NodeDeployment.make_standalone, + + - Paths used are + post /api/v1/deployment/standalone, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_primary_to_standalone: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_promotion.py b/ansible_collections/cisco/ise/plugins/modules/node_promotion.py new file mode 100644 index 00000000..c3c0bf92 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_promotion.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_promotion +short_description: Resource module for Node Promotion +description: +- Manage operation update of the resource Node Promotion. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + promotionType: + description: Node Promotion's promotionType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + node_deployment.NodeDeployment.promote_node, + + - Paths used are + put /api/v1/deployment/node-promotion/, +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.node_promotion: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + promotionType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "code": 0, + "message": "string", + "rootCause": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_replication_status_info.py b/ansible_collections/cisco/ise/plugins/modules/node_replication_status_info.py new file mode 100644 index 00000000..86c442d1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_replication_status_info.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_replication_status_info +short_description: Information module for Node Replication Status +description: +- Get Node Replication Status by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + node: + description: + - Node path parameter. ID of the existing node. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + replication_status.ReplicationStatus.get_node_replication_status, + + - Paths used are + get /api/v1/replication-status/{node} +""" + +EXAMPLES = r""" +- name: Get Node Replication Status by id + cisco.ise.node_replication_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + node: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "NodeStatus": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_secondary_to_primary.py b/ansible_collections/cisco/ise/plugins/modules/node_secondary_to_primary.py new file mode 100644 index 00000000..236082dc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_secondary_to_primary.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_secondary_to_primary +short_description: Resource module for Node Secondary To Primary +description: +- Manage operation create of the resource Node Secondary To Primary. +- Execute this API in the secondary PAN in the cluster to promote the node to. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Hostname path parameter. Hostname of the node. + type: str + required: true +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Deployment + description: Complete reference of the Node Deployment API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_deployment.NodeDeployment.promote_node, + + - Paths used are + post /api/v1/deployment/promote, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_secondary_to_primary: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_services_interfaces_info.py b/ansible_collections/cisco/ise/plugins/modules/node_services_interfaces_info.py new file mode 100644 index 00000000..893da855 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_services_interfaces_info.py @@ -0,0 +1,63 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_services_interfaces_info +short_description: Information module for Node Services Interfaces +description: +- Get all Node Services Interfaces. +- This API retrieves the list of interfaces on a node in a cluster. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + hostname: + description: + - Hostname path parameter. Hostname of the node. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Services + description: Complete reference of the Node Services API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_services.NodeServices.get_interfaces, + + - Paths used are + get /api/v1/node/{hostname}/interface, + +""" + +EXAMPLES = r""" +- name: Get all Node Services Interfaces + cisco.ise.node_services_interfaces_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "interface": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config.py b/ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config.py new file mode 100644 index 00000000..b47eff3a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config.py @@ -0,0 +1,284 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_services_profiler_probe_config +short_description: Resource module for Node Services Profiler Probe Config +description: +- Manage operation update of the resource Node Services Profiler Probe Config. +- This API updates the profiler probe configuration of a PSN. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + activeDirectory: + description: The Active Directory probe queries the Active Directory for Windows + information. + suboptions: + daysBeforeRescan: + description: Node Services Profiler Probe Config's daysBeforeRescan. + type: int + type: dict + dhcp: + description: The DHCP probe listens for DHCP packets from IP helpers. + suboptions: + interfaces: + description: Node Services Profiler Probe Config's interfaces. + elements: dict + suboptions: + interface: + description: Node Services Profiler Probe Config's interface. + type: str + type: list + port: + description: Node Services Profiler Probe Config's port. + type: int + type: dict + dhcpSpan: + description: The DHCP SPAN probe collects DHCP packets. + suboptions: + interfaces: + description: Node Services Profiler Probe Config's interfaces. + elements: dict + suboptions: + interface: + description: Node Services Profiler Probe Config's interface. + type: str + type: list + type: dict + dns: + description: The DNS probe performs a DNS lookup for the FQDN. + suboptions: + timeout: + description: Node Services Profiler Probe Config's timeout. + type: int + type: dict + hostname: + description: Hostname path parameter. Hostname of the node. + type: str + http: + description: The HTTP probe receives and parses HTTP packets. + suboptions: + interfaces: + description: Node Services Profiler Probe Config's interfaces. + elements: dict + suboptions: + interface: + description: Node Services Profiler Probe Config's interface. + type: str + type: list + type: dict + netflow: + description: The NetFlow probe collects the NetFlow packets that are sent to it + from routers. + suboptions: + interfaces: + description: Node Services Profiler Probe Config's interfaces. + elements: dict + suboptions: + interface: + description: Node Services Profiler Probe Config's interface. + type: str + type: list + port: + description: Node Services Profiler Probe Config's port. + type: int + type: dict + nmap: + description: The NMAP probe scans endpoints for open ports and OS. + elements: dict + type: list + pxgrid: + description: The pxGrid probe fetches attributes of MAC address or IP address as + a subscriber from the pxGrid queue. + elements: dict + type: list + radius: + description: The RADIUS probe collects RADIUS session attributes as well as CDP, + LLDP, DHCP, HTTP, and MDM attributes from IOS Sensors. + elements: dict + type: list + snmpQuery: + description: The SNMP query probe collects details from network devices such as + interface, CDP, LLDP, and ARP. + suboptions: + eventTimeout: + description: Node Services Profiler Probe Config's eventTimeout. + type: int + retries: + description: Node Services Profiler Probe Config's retries. + type: int + timeout: + description: Node Services Profiler Probe Config's timeout. + type: int + type: dict + snmpTrap: + description: The SNMP trap probe receives linkup, linkdown, and MAC notification + traps from network devices. + suboptions: + interfaces: + description: Node Services Profiler Probe Config's interfaces. + elements: dict + suboptions: + interface: + description: Node Services Profiler Probe Config's interface. + type: str + type: list + linkTrapQuery: + description: LinkTrapQuery flag. + type: bool + macTrapQuery: + description: MacTrapQuery flag. + type: bool + port: + description: Node Services Profiler Probe Config's port. + type: int + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Services + description: Complete reference of the Node Services API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_services.NodeServices.set_profiler_probe_config, + + - Paths used are + put /api/v1/profile/{hostname}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.node_services_profiler_probe_config: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + activeDirectory: + daysBeforeRescan: 0 + dhcp: + interfaces: + - interface: string + port: 0 + dhcpSpan: + interfaces: + - interface: string + dns: + timeout: 0 + hostname: string + http: + interfaces: + - interface: string + netflow: + interfaces: + - interface: string + port: 0 + nmap: + - {} + pxgrid: + - {} + radius: + - {} + snmpQuery: + eventTimeout: 0 + retries: 0 + timeout: 0 + snmpTrap: + interfaces: + - interface: string + linkTrapQuery: true + macTrapQuery: true + port: 0 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "activeDirectory": { + "daysBeforeRescan": 0 + }, + "dhcp": { + "interfaces": [ + { + "interface": "string" + } + ], + "port": 0 + }, + "dhcpSpan": { + "interfaces": [ + { + "interface": "string" + } + ] + }, + "dns": { + "timeout": 0 + }, + "http": { + "interfaces": [ + { + "interface": "string" + } + ] + }, + "netflow": { + "interfaces": [ + { + "interface": "string" + } + ], + "port": 0 + }, + "nmap": [ + {} + ], + "pxgrid": [ + {} + ], + "radius": [ + {} + ], + "snmpQuery": { + "eventTimeout": 0, + "retries": 0, + "timeout": 0 + }, + "snmpTrap": { + "interfaces": [ + { + "interface": "string" + } + ], + "linkTrapQuery": true, + "macTrapQuery": true, + "port": 0 + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config_info.py b/ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config_info.py new file mode 100644 index 00000000..10656397 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_services_profiler_probe_config_info.py @@ -0,0 +1,119 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_services_profiler_probe_config_info +short_description: Information module for Node Services Profiler Probe Config +description: +- Get Node Services Profiler Probe Config by name. +- This API retrieves the profiler probe configuration of a PSN. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + hostname: + description: + - Hostname path parameter. Hostname of the node. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Services + description: Complete reference of the Node Services API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_services.NodeServices.get_profiler_probe_config, + + - Paths used are + get /api/v1/profile/{hostname}, + +""" + +EXAMPLES = r""" +- name: Get Node Services Profiler Probe Config by name + cisco.ise.node_services_profiler_probe_config_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "activeDirectory": { + "daysBeforeRescan": 0 + }, + "dhcp": { + "interfaces": [ + { + "interface": "string" + } + ], + "port": 0 + }, + "dhcpSpan": { + "interfaces": [ + { + "interface": "string" + } + ] + }, + "dns": { + "timeout": 0 + }, + "http": { + "interfaces": [ + { + "interface": "string" + } + ] + }, + "netflow": { + "interfaces": [ + { + "interface": "string" + } + ], + "port": 0 + }, + "nmap": [ + {} + ], + "pxgrid": [ + {} + ], + "radius": [ + {} + ], + "snmpQuery": { + "eventTimeout": 0, + "retries": 0, + "timeout": 0 + }, + "snmpTrap": { + "interfaces": [ + { + "interface": "string" + } + ], + "linkTrapQuery": true, + "macTrapQuery": true, + "port": 0 + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces.py b/ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces.py new file mode 100644 index 00000000..af5961ad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_services_sxp_interfaces +short_description: Resource module for Node Services SXP Interfaces +description: +- Manage operation update of the resource Node Services SXP Interfaces. +- This API configures the SXP interface. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Hostname path parameter. Hostname of the node. + type: str + interface: + description: Node Services SXP Interfaces's interface. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Services + description: Complete reference of the Node Services API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_services.NodeServices.set_sxp_interface, + + - Paths used are + put /api/v1/node/{hostname}/sxp-interface, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.node_services_sxp_interfaces: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + hostname: string + interface: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "interface": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces_info.py b/ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces_info.py new file mode 100644 index 00000000..fdd2716d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_services_sxp_interfaces_info.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_services_sxp_interfaces_info +short_description: Information module for Node Services SXP Interfaces +description: +- Get all Node Services SXP Interfaces. +- This API retrieves the SXP interface. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + hostname: + description: + - Hostname path parameter. Hostname of the node. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Services + description: Complete reference of the Node Services API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_services.NodeServices.get_sxp_interface, + + - Paths used are + get /api/v1/node/{hostname}/sxp-interface, + +""" + +EXAMPLES = r""" +- name: Get all Node Services SXP Interfaces + cisco.ise.node_services_sxp_interfaces_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "interface": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_standalone_to_primary.py b/ansible_collections/cisco/ise/plugins/modules/node_standalone_to_primary.py new file mode 100644 index 00000000..c397cb32 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_standalone_to_primary.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_standalone_to_primary +short_description: Resource module for Node Standalone To Primary +description: +- Manage operation create of the resource Node Standalone To Primary. +- This API promotes the standalone node on which the API is invoked to the primary Policy Administration node PAN . +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Hostname path parameter. Hostname of the node. + type: str + required: true +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Node Deployment + description: Complete reference of the Node Deployment API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + node_deployment.NodeDeployment.make_primary, + + - Paths used are + post /api/v1/deployment/primary, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_standalone_to_primary: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/node_sync.py b/ansible_collections/cisco/ise/plugins/modules/node_sync.py new file mode 100644 index 00000000..e45a0ae1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/node_sync.py @@ -0,0 +1,54 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: node_sync +short_description: Resource module for Node Sync +description: +- Manage operation create of the resource Node Sync. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + hostname: + description: Node Sync's hostname. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sync_ise_node.SyncIseNode.sync_node, + + - Paths used are + post /api/v1/deployment/sync-node +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.node_sync: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "code": 0, + "message": "string", + "rootCause": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pan_ha.py b/ansible_collections/cisco/ise/plugins/modules/pan_ha.py new file mode 100644 index 00000000..0a33b80f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pan_ha.py @@ -0,0 +1,84 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pan_ha +short_description: Resource module for Pan Ha +description: +- Manage operations create and delete of the resource Pan Ha. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + failedAttempts: + description: Pan Ha's failedAttempts. + type: int + isEnabled: + description: IsEnabled flag. + type: bool + pollingInterval: + description: Pan Ha's pollingInterval. + type: int + primaryHealthCheckNode: + description: Pan Ha's primaryHealthCheckNode. + type: str + secondaryHealthCheckNode: + description: Pan Ha's secondaryHealthCheckNode. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sync_ise_node.ReplicationStatus.get_node_replication_status, + + - Paths used are + get /api/v1/replication-status/{node} +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pan_ha: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + failedAttempts: 0 + isEnabled: true + pollingInterval: 0 + primaryHealthCheckNode: string + secondaryHealthCheckNode: string + +- name: Delete all + cisco.ise.pan_ha: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "isEnabled": true, + "primaryHealthCheckNode": "string", + "secondaryHealthCheckNode": "string", + "pollingInterval": 0, + "failedAttempts": 0 + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pan_ha_info.py b/ansible_collections/cisco/ise/plugins/modules/pan_ha_info.py new file mode 100644 index 00000000..6a6ae62b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pan_ha_info.py @@ -0,0 +1,66 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pan_ha_info +short_description: Information module for Pan Ha +description: +- Get all Pan Ha. +- > + In a high availability configuration, the primary PAN is in active state. The secondary PAN backup PAN is in standby state, which means that it receives + all the configuration updates from the primary PAN, but is not active in the Cisco ISE cluster. You can configure Cisco ISE to automatically promote the + secondary PAN when the primary PAN becomes unavailable. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for PAN HA + description: Complete reference of the PAN HA API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + pan_ha.PanHa.get_pan_ha_status, + + - Paths used are + get /api/v1/deployment/pan-ha, + +""" + +EXAMPLES = r""" +- name: Get all Pan Ha + cisco.ise.pan_ha_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "failedAttempts": 0, + "isEnabled": true, + "pollingInterval": 0, + "primaryHealthCheckNode": { + "hostname": "string" + }, + "secondaryHealthCheckNode": { + "hostname": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pan_ha_update.py b/ansible_collections/cisco/ise/plugins/modules/pan_ha_update.py new file mode 100644 index 00000000..6f0526a0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pan_ha_update.py @@ -0,0 +1,89 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pan_ha_update +short_description: Resource module for Pan Ha Update +description: +- Manage operation update of the resource Pan Ha Update. +- To deploy the auto-failover feature, you must have at least three nodes, where. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + failedAttempts: + description: Failover occurs if the primary PAN is down for the specified number + of failure polls. Count (2 - 60).<br> The default value is 5. + type: int + isEnabled: + description: IsEnabled flag. + type: bool + pollingInterval: + description: Administration nodes are checked after each interval. Seconds (30 - + 300) <br> The default value is 120. + type: int + primaryHealthCheckNode: + description: Pan Ha Update's primaryHealthCheckNode. + suboptions: + hostname: + description: Pan Ha Update's hostname. + type: str + type: dict + secondaryHealthCheckNode: + description: Pan Ha Update's secondaryHealthCheckNode. + suboptions: + hostname: + description: Pan Ha Update's hostname. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for PAN HA + description: Complete reference of the PAN HA API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!deployment-openapi +notes: + - SDK Method used are + pan_ha.PanHa.update_pan_ha, + + - Paths used are + put /api/v1/deployment/pan-ha, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.pan_ha_update: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + failedAttempts: 0 + isEnabled: true + pollingInterval: 0 + primaryHealthCheckNode: + hostname: string + secondaryHealthCheckNode: + hostname: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/patch_info.py b/ansible_collections/cisco/ise/plugins/modules/patch_info.py new file mode 100644 index 00000000..ec427e64 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/patch_info.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: patch_info +short_description: Information module for Patch +description: +- Get all Patch. +- List all the installed patches in the system, with the patch number for rollback. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Patching + description: Complete reference of the Patching API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!patch-and-hot-patch-openapi +notes: + - SDK Method used are + patching.Patching.list_installed_patches, + + - Paths used are + get /api/v1/patch, + +""" + +EXAMPLES = r""" +- name: Get all Patch + cisco.ise.patch_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "iseVersion": "string", + "patchVersion": [ + { + "installDate": "string", + "patchNumber": 0 + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/patch_install.py b/ansible_collections/cisco/ise/plugins/modules/patch_install.py new file mode 100644 index 00000000..94d41ea7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/patch_install.py @@ -0,0 +1,68 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: patch_install +short_description: Resource module for Patch Install +description: +- Manage operation create of the resource Patch Install. +- > + Triggers patch installation on the Cisco ISE node. A task ID is returned which can be used to monitor the progress of the patch installation process. As + the patch installation triggers the Cisco ISE to restart, the task API becomes unavailable for a certain period of time. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + patchName: + description: Patch Install's patchName. + type: str + repositoryName: + description: Patch Install's repositoryName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Patching + description: Complete reference of the Patching API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!patch-and-hot-patch-openapi +notes: + - SDK Method used are + patching.Patching.install_patch, + + - Paths used are + post /api/v1/patch/install, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.patch_install: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + patchName: string + repositoryName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/patch_rollback.py b/ansible_collections/cisco/ise/plugins/modules/patch_rollback.py new file mode 100644 index 00000000..f82dc23d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/patch_rollback.py @@ -0,0 +1,64 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: patch_rollback +short_description: Resource module for Patch Rollback +description: +- Manage operation create of the resource Patch Rollback. +- > + Triggers patch rollback on the Cisco ISE node. A task ID is returned which can be used to monitor the progress of the patch rollback process. As the + patch rollback triggers the Cisco ISE to restart, the task API becomes unavailable for a certain period of time. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + patchNumber: + description: Patch Rollback's patchNumber. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Patching + description: Complete reference of the Patching API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!patch-and-hot-patch-openapi +notes: + - SDK Method used are + patching.Patching.rollback_patch, + + - Paths used are + post /api/v1/patch/rollback, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.patch_rollback: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + patchNumber: 0 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/personas_check_standalone.py b/ansible_collections/cisco/ise/plugins/modules/personas_check_standalone.py new file mode 100644 index 00000000..c8053dfd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/personas_check_standalone.py @@ -0,0 +1,78 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: personas_check_standalone +short_description: Ensure the node is in standalone mode +description: +- Ensure the mode is in standalone mode +version_added: '0.0.8' +author: Rafael Campos (@racampos) +options: + ip: + description: + - The IP address of the node + type: str + username: + description: + - The username for the node. + type: str + password: + description: + - The password for the node. + type: str + hostname: + description: + - The hostname for the node for which the certificate will be exported. + type: str + ise_verify: + description: + - Whether or not to verify the identity of the node. + type: bool + ise_version: + description: + - The version of the ISE node. + type: str + ise_wait_on_rate_limit: + description: + - Whether or not to wait on rate limit + type: bool +requirements: +- requests >= 2.25.1 +- python >= 3.5 +seealso: +# Reference by module name +- module: cisco.ise.plugins.modules.personas_check_standalone +notes: + - "Does not support C(check_mode)" +""" + +EXAMPLES = r""" +- name: Check if all nodes are in STANDALONE state + cisco.ise.personas_check_standalone: + ip: "{{ item.ip }}" + username: admin + password: cisco123 + hostname: "{{ item.hostname }}" + loop: + - ip: 10.1.1.1 + hostname: ise-pan-server-1 + - ip: 10.1.1.2 + hostname: ise-pan-server-2 + - ip: 10.1.1.3 + hostname: ise-psn-server-1 + - ip: 10.1.1.4 + hostname: ise-psn-server-2 +""" + +RETURN = r""" +ise_response: + description: A string stating that the node is in standalone mode + returned: always + type: str + sample: Node ise-pan-server-1 is in STANDALONE mode +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/personas_export_certs.py b/ansible_collections/cisco/ise/plugins/modules/personas_export_certs.py new file mode 100644 index 00000000..18717268 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/personas_export_certs.py @@ -0,0 +1,99 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: personas_export_certs +short_description: Export certificate into primary node +description: +- Export certificate into primary node +version_added: '0.0.8' +author: Rafael Campos (@racampos) +options: + primary_ip: + description: + - The IP address of the primary node. + type: str + primary_username: + description: + - The username for the primary node. + type: str + primary_password: + description: + - The password for the primary node. + type: str + name: + description: + - The name of the node for which the certificate will be exported. + type: str + ip: + description: + - The IP address of the node for which the certificate will be exported. + type: str + hostname: + description: + - The hostname for the node for which the certificate will be exported. + type: str + username: + description: + - The username for the node for which the certificate will be exported. + type: str + password: + description: + - The password for the node for which the certificate will be exported. + type: str + ise_verify: + description: + - Whether or not to verify the identity of the node. + type: bool + ise_version: + description: + - The version of the ISE node. + type: str + ise_wait_on_rate_limit: + description: + - Whether or not to wait on rate limit + type: bool +requirements: +- requests >= 2.25.1 +- python >= 3.5 +seealso: +# Reference by module name +- module: cisco.ise.plugins.modules.personas_export_certs +notes: + - "Does not support C(check_mode)" +""" + +EXAMPLES = r""" +- name: Export trusted certificates into primary node + cisco.ise.personas_export_certs: + primary_ip: 10.1.1.1 + primary_username: admin + primary_password: cisco123 + name: "{{ item.name }}" + ip: "{{ item.ip }}" + hostname: "{{ item.hostname }}" + username: admin + password: cisco123 + loop: + - name: ISE PAN Server 2 + ip: 10.1.1.2 + hostname: ise-pan-server-2 + - name: ISE PSN Server 1 + ip: 10.1.1.3 + hostname: ise-psn-server-1 + - name: ISE PSN Server 2 + ip: 10.1.1.4 + hostname: ise-psn-server-2 +""" + +RETURN = r""" +ise_response: + description: A text string stating that the certificate was exported successfully. + returned: always + type: str + sample: The certificate for ISE PAN Server 2 was exported successfully to the primary node +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/personas_promote_primary.py b/ansible_collections/cisco/ise/plugins/modules/personas_promote_primary.py new file mode 100644 index 00000000..428c4823 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/personas_promote_primary.py @@ -0,0 +1,64 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: personas_promote_primary +short_description: Promote a node as the primary node +description: +- Promote a node as the primary node +version_added: '0.0.8' +author: Rafael Campos (@racampos) +options: + ip: + description: + - The IP address of the primary node + type: str + username: + description: + - The username to log into the primary node. + type: str + password: + description: + - The password to log into the primary node. + type: str + ise_verify: + description: + - Whether or not to verify the identity of the node. + type: bool + ise_version: + description: + - The version of the ISE node. + type: str + ise_wait_on_rate_limit: + description: + - Whether or not to wait on rate limit + type: bool +requirements: +- requests >= 2.25.1 +- python >= 3.5 +seealso: +# Reference by module name +- module: cisco.ise.plugins.modules.personas_promote_primary +notes: + - "Does not support C(check_mode)" +""" + +EXAMPLES = r""" +- name: Promote primary node + cisco.ise.personas_promote_primary: + ip: 10.1.1.1 + username: admin + password: Cisco123 +""" + +RETURN = r""" +ise_response: + description: A string stating that the node was promoted to primary + returned: always + type: str + sample: Primary node was successfully updated +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/personas_register_node.py b/ansible_collections/cisco/ise/plugins/modules/personas_register_node.py new file mode 100644 index 00000000..33830f41 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/personas_register_node.py @@ -0,0 +1,108 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: personas_register_node +short_description: Register a node to the primary +description: +- Register a node to the primary +version_added: '2.4.0' +author: Rafael Campos (@racampos) +options: + primary_ip: + description: + - The IP address of the primary node. + type: str + primary_username: + description: + - The username for the primary node. + type: str + primary_password: + description: + - The password for the primary node. + type: str + fqdn: + description: + - The fully qualified domain name of the node. + type: str + username: + description: + - The username to log into the node. + type: str + password: + description: + - The password to log into the node. + type: str + roles: + description: + - "The roles to be fulfilled by this node. Possible roles are PrimaryAdmin, SecondaryAdmin, \ + PrimaryMonitoring, SecondaryMonitoring, PrimaryDedicatedMonitoring, SecondaryDedicatedMonitoring, Standalone" + type: list + elements: str + services: + description: + - The services this node will run. Possible services are Session, Profiler, TC-NAC, SXP, DeviceAdmin, PassiveIdentity, pxGrid, pxGridCloud + type: list + elements: str + ise_verify: + description: + - Whether or not to verify the identity of the node. + type: bool + ise_version: + description: + - The version of the ISE node. + type: str + ise_wait_on_rate_limit: + description: + - Whether or not to wait on rate limit + type: bool +requirements: +- requests >= 2.25.1 +- python >= 3.5 +seealso: +# Reference by module name +- module: cisco.ise.plugins.modules.personas_register_node +notes: + - "Does not support C(check_mode)" +""" + +EXAMPLES = r""" +- name: Register the secondary node and PSN nodes to the cluster + cisco.ise.personas_register_node: + primary_ip: 10.1.1.1 + primary_username: admin + primary_password: Cisco123 + fqdn: "{{ item.fqdn }}" + username: admin + password: cisco123 + roles: "{{ item.roles }}" + services: "{{ item.services }}" + loop: + - fqdn: ise-pan-server-2.example.com + roles: + - SecondaryAdmin + - SecondaryMonitoring + services: [] + - fqdn: ise-psn-server-1.example.com + roles: [] + services: + - Session + - Profiler + - fqdn: ise-psn-server-2.example.com + roles: [] + services: + - Session + - Profiler +""" + +RETURN = r""" +ise_response: + description: A string stating that the node was successfully registered + returned: always + type: str + sample: Node ise-pan-server-2 updated successfully +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/personas_update_roles_services.py b/ansible_collections/cisco/ise/plugins/modules/personas_update_roles_services.py new file mode 100644 index 00000000..ce4560fb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/personas_update_roles_services.py @@ -0,0 +1,83 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: personas_update_roles_services +short_description: Update the roles and services of a node +description: +- Update the roles and services of a node +version_added: '2.4.0' +author: Rafael Campos (@racampos) +options: + ip: + description: + - The IP address of the node to be updated. + type: str + username: + description: + - The username to log into the node. + type: str + password: + description: + - The password to log into the node. + type: str + hostname: + description: + - The hostname of the node. + type: str + roles: + description: + - "The roles to be fulfilled by this node. Possible roles are PrimaryAdmin, SecondaryAdmin, \ + PrimaryMonitoring, SecondaryMonitoring, PrimaryDedicatedMonitoring, SecondaryDedicatedMonitoring, Standalone" + type: list + elements: str + services: + description: + - The services this node will run. Possible services are Session, Profiler, TC-NAC, SXP, DeviceAdmin, PassiveIdentity, pxGrid, pxGridCloud + type: list + elements: str + ise_verify: + description: + - Whether or not to verify the identity of the node. + type: bool + ise_version: + description: + - The version of the ISE node. + type: str + ise_wait_on_rate_limit: + description: + - Whether or not to wait on rate limit + type: bool +requirements: +- requests >= 2.25.1 +- python >= 3.5 +seealso: +# Reference by module name +- module: cisco.ise.plugins.modules.personas_update_roles_services +notes: + - "Does not support C(check_mode)" +""" + +EXAMPLES = r""" +- name: Remove the Primary Monitoring role and the Session and Profiler services from the primary node + cisco.ise.personas_update_roles_services: + ip: 10.1.1.1 + username: admin + password: C1sco123 + hostname: ise-pan-server-1 + roles: + - PrimaryAdmin + services: [] +""" + +RETURN = r""" +ise_response: + description: A string stating that the node was successfully updated + returned: always + type: str + sample: Node ise-pan-server-1 updated successfully +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/portal_global_setting.py b/ansible_collections/cisco/ise/plugins/modules/portal_global_setting.py new file mode 100644 index 00000000..5c3e74e1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/portal_global_setting.py @@ -0,0 +1,86 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: portal_global_setting +short_description: Resource module for Portal Global Setting +description: +- Manage operation update of the resource Portal Global Setting. +- This API allows the client to update the portal global settings by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customization: + description: Allowed values - HTML, - HTMLANDJAVASCRIPT. + type: str + id: + description: Portal Global Setting's id. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + portal_global_setting.PortalGlobalSetting.update_portal_global_setting_by_id, + + - Paths used are + put /ers/config/portalglobalsetting/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.portal_global_setting: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customization: string + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "customization": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/portal_global_setting_info.py b/ansible_collections/cisco/ise/plugins/modules/portal_global_setting_info.py new file mode 100644 index 00000000..e0bc9c26 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/portal_global_setting_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: portal_global_setting_info +short_description: Information module for Portal Global Setting +description: +- Get all Portal Global Setting. +- Get Portal Global Setting by id. +- This API allows the client to get all the portal global settings. +- This API allows the client to get the portal global settings by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + portal_global_setting.PortalGlobalSetting.get_portal_global_setting_by_id, + portal_global_setting.PortalGlobalSetting.get_portal_global_settings_generator, + + - Paths used are + get /ers/config/portalglobalsetting, + get /ers/config/portalglobalsetting/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Portal Global Setting + cisco.ise.portal_global_setting_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Portal Global Setting by id + cisco.ise.portal_global_setting_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "customization": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "customization": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/portal_info.py b/ansible_collections/cisco/ise/plugins/modules/portal_info.py new file mode 100644 index 00000000..315df083 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/portal_info.py @@ -0,0 +1,145 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: portal_info +short_description: Information module for Portal +description: +- Get all Portal. +- Get Portal by id. +- This API allows the client to get a portal by ID. +- This API allows the client to get all the portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + portal.Portal.get_portal_by_id, + portal.Portal.get_portals_generator, + + - Paths used are + get /ers/config/portal, + get /ers/config/portal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Portal + cisco.ise.portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Portal by id + cisco.ise.portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/portal_theme.py b/ansible_collections/cisco/ise/plugins/modules/portal_theme.py new file mode 100644 index 00000000..f2099274 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/portal_theme.py @@ -0,0 +1,122 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: portal_theme +short_description: Resource module for Portal Theme +description: +- Manage operations create, update and delete of the resource Portal Theme. +- This API creates a portal theme. +- This API deletes a portal theme by ID. +- This API allows the client to update a portal theme by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Portal Theme's description. + type: str + id: + description: Portal Theme's id. + type: str + name: + description: Portal Theme's name. + type: str + themeData: + description: Portal Theme for all portals. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + portal_theme.PortalTheme.create_portal_theme, + portal_theme.PortalTheme.delete_portal_theme_by_id, + portal_theme.PortalTheme.update_portal_theme_by_id, + + - Paths used are + post /ers/config/portaltheme, + delete /ers/config/portaltheme/{id}, + put /ers/config/portaltheme/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.portal_theme: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + themeData: string + +- name: Delete by id + cisco.ise.portal_theme: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.portal_theme: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + name: string + themeData: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "themeData": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/portal_theme_info.py b/ansible_collections/cisco/ise/plugins/modules/portal_theme_info.py new file mode 100644 index 00000000..eaa5a691 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/portal_theme_info.py @@ -0,0 +1,145 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: portal_theme_info +short_description: Information module for Portal Theme +description: +- Get all Portal Theme. +- Get Portal Theme by id. +- This API allows the client to get a portal theme by ID. +- This API allows the client to get all the portal themes. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + portal_theme.PortalTheme.get_portal_theme_by_id, + portal_theme.PortalTheme.get_portal_themes_generator, + + - Paths used are + get /ers/config/portaltheme, + get /ers/config/portaltheme/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Portal Theme + cisco.ise.portal_theme_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Portal Theme by id + cisco.ise.portal_theme_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "themeData": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "themeData": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/profiler_profile_info.py b/ansible_collections/cisco/ise/plugins/modules/profiler_profile_info.py new file mode 100644 index 00000000..be32314d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/profiler_profile_info.py @@ -0,0 +1,145 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: profiler_profile_info +short_description: Information module for Profiler Profile +description: +- Get all Profiler Profile. +- Get Profiler Profile by id. +- This API allows the client to get a profiler profile by ID. +- This API allows the client to get all the profiler profiles. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + profiler_profile.ProfilerProfile.get_profiler_profile_by_id, + profiler_profile.ProfilerProfile.get_profiler_profiles_generator, + + - Paths used are + get /ers/config/profilerprofile, + get /ers/config/profilerprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Profiler Profile + cisco.ise.profiler_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Profiler Profile by id + cisco.ise.profiler_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "parentId": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "parentId": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings.py b/ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings.py new file mode 100644 index 00000000..92f4ad27 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings.py @@ -0,0 +1,101 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: proxy_connection_settings +short_description: Resource module for Proxy Connection Settings +description: +- Manage operation update of the resource Proxy Connection Settings. +- The following functionalities are impacted by the proxy settings. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + bypassHosts: + description: Bypass hosts for the proxy connection. + type: str + fqdn: + description: Proxy IP address or DNS-resolvable host name. + type: str + password: + description: Password for the proxy connection. + type: str + passwordRequired: + description: Indicates whether password configuration is required for Proxy. + type: bool + port: + description: Port for proxy connection. Should be between 1 and 65535. + type: int + userName: + description: User name for the proxy connection. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for proxy + description: Complete reference of the proxy API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!system-settings-openapi +notes: + - SDK Method used are + proxy.Proxy.update_proxy_connection, + + - Paths used are + put /api/v1/system-settings/proxy, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.proxy_connection_settings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + bypassHosts: string + fqdn: string + password: string + passwordRequired: true + port: 0 + userName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bypassHosts": "string", + "fqdn": "string", + "password": "string", + "passwordRequired": true, + "port": 0, + "userName": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "bypassHosts": "string", + "fqdn": "string", + "password": "string", + "passwordRequired": true, + "port": 0, + "userName": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings_info.py b/ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings_info.py new file mode 100644 index 00000000..d14440bd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/proxy_connection_settings_info.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: proxy_connection_settings_info +short_description: Information module for Proxy Connection Settings +description: +- Get all Proxy Connection Settings. +- The following functionalities are impacted by the proxy settings. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for proxy + description: Complete reference of the proxy API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!system-settings-openapi +notes: + - SDK Method used are + proxy.Proxy.get_proxy_connection, + + - Paths used are + get /api/v1/system-settings/proxy, + +""" + +EXAMPLES = r""" +- name: Get all Proxy Connection Settings + cisco.ise.proxy_connection_settings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bypassHosts": "string", + "fqdn": "string", + "password": "string", + "passwordRequired": true, + "port": 0, + "userName": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/px_grid_node_approve.py b/ansible_collections/cisco/ise/plugins/modules/px_grid_node_approve.py new file mode 100644 index 00000000..172dab5f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/px_grid_node_approve.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: px_grid_node_approve +short_description: Resource module for Px Grid Node Approve +description: +- Manage operation update of the resource Px Grid Node Approve. +- This API allows the client to approve a pxGrid node. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + name: + description: Name path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_node.PxGridNode.approve_px_grid_node, + + - Paths used are + put /ers/config/pxgridnode/name/{name}/approve, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.px_grid_node_approve: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/px_grid_node_delete.py b/ansible_collections/cisco/ise/plugins/modules/px_grid_node_delete.py new file mode 100644 index 00000000..a620e17c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/px_grid_node_delete.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: px_grid_node_delete +short_description: Resource module for Px Grid Node Delete +description: +- Manage operation delete of the resource Px Grid Node Delete. +- This API deletes a pxGrid node by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + name: + description: Name path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_node.PxGridNode.delete_px_grid_node_by_name, + + - Paths used are + delete /ers/config/pxgridnode/name/{name}, + +""" + +EXAMPLES = r""" +- name: Delete by name + cisco.ise.px_grid_node_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/px_grid_node_info.py b/ansible_collections/cisco/ise/plugins/modules/px_grid_node_info.py new file mode 100644 index 00000000..43f0e957 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/px_grid_node_info.py @@ -0,0 +1,128 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: px_grid_node_info +short_description: Information module for Px Grid Node +description: +- Get all Px Grid Node. +- Get Px Grid Node by id. +- Get Px Grid Node by name. +- This API allows the client to get a pxGrid node by ID. +- This API allows the client to get a pxGrid node by name. +- This API allows the client to get all the npxGrid nodes. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_node.PxGridNode.get_px_grid_node_by_id, + px_grid_node.PxGridNode.get_px_grid_node_by_name, + px_grid_node.PxGridNode.get_px_grid_node_generator, + + - Paths used are + get /ers/config/pxgridnode, + get /ers/config/pxgridnode/name/{name}, + get /ers/config/pxgridnode/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Px Grid Node + cisco.ise.px_grid_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Px Grid Node by id + cisco.ise.px_grid_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Px Grid Node by name + cisco.ise.px_grid_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "status": "string", + "authMethod": "string", + "groups": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "status": "string", + "authMethod": "string", + "groups": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/px_grid_settings_auto_approve.py b/ansible_collections/cisco/ise/plugins/modules/px_grid_settings_auto_approve.py new file mode 100644 index 00000000..886991e9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/px_grid_settings_auto_approve.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: px_grid_settings_auto_approve +short_description: Resource module for Px Grid Settings Auto Approve +description: +- Manage operation update of the resource Px Grid Settings Auto Approve. +- This API allows the client to auto approve the pxGrid settings. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowPasswordBasedAccounts: + description: Allow password based accounts when true. + type: bool + autoApproveCertBasedAccounts: + description: Auto approve certificate based accounts when true. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_settings.PxGridSettings.autoapprove_px_grid_settings, + + - Paths used are + put /ers/config/pxgridsettings/autoapprove, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.px_grid_settings_auto_approve: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + allowPasswordBasedAccounts: true + autoApproveCertBasedAccounts: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_access_secret.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_access_secret.py new file mode 100644 index 00000000..dca5b999 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_access_secret.py @@ -0,0 +1,51 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_access_secret +short_description: Resource module for pxGrid Access Secret +description: +- Manage operation create of the resource pxGrid Access Secret. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + peerNodeName: + description: pxGrid Access Secret's peerNodeName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + consumer.Consumer.access_secret, + + - Paths used are + post /control/AccessSecret, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_access_secret: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + peerNodeName: ise-admin-pxgrid-002 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_account_activate.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_account_activate.py new file mode 100644 index 00000000..8e2571b0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_account_activate.py @@ -0,0 +1,51 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_account_activate +short_description: Resource module for pxGrid Account Activate +description: +- Manage operation create of the resource pxGrid Account Activate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: pxGrid Account Activate's description. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + consumer.Consumer.activate_account, + + - Paths used are + post /control/AccountActivate, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_account_activate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + description: MyApp 1.0 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_account_create.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_account_create.py new file mode 100644 index 00000000..4de7c868 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_account_create.py @@ -0,0 +1,51 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_account_create +short_description: Resource module for pxGrid Account Create +description: +- Manage operation create of the resource pxGrid Account Create. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + nodeName: + description: pxGrid Account Create's nodeName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + consumer.Consumer.create_account, + + - Paths used are + post /control/AccountCreate, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_account_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + nodeName: MyName01 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_authorization.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_authorization.py new file mode 100644 index 00000000..7eaf7442 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_authorization.py @@ -0,0 +1,47 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_authorization +short_description: Resource module for pxGrid Authorization +description: +- Manage operation create of the resource pxGrid Authorization. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + provider.Provider.authorization, + + - Paths used are + post /control/Authorization, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_authorization: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_bindings_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_bindings_info.py new file mode 100644 index 00000000..9a27324c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_bindings_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_bindings_info +short_description: Information module for pxGrid Bindings Info +description: +- Get pxGrid Bindings Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + trust_sec_sxp.TrustSecSxp.get_bindings, + + - Paths used are + post /ise/sxp/getBindings, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Bindings Info + cisco.ise.pxgrid_bindings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_matrices_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_matrices_info.py new file mode 100644 index 00000000..33b2e21e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_matrices_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_egress_matrices_info +short_description: Information module for pxGrid Egress Matrices Info +description: +- Get pxGrid Egress Matrices Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + trust_sec_configuration.TrustSecConfiguration.get_egress_matrices, + + - Paths used are + post /ise/config/trustsec/getEgressMatrices, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Egress Matrices Info + cisco.ise.pxgrid_egress_matrices_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_policies_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_policies_info.py new file mode 100644 index 00000000..38f89a6a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_egress_policies_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_egress_policies_info +short_description: Information module for pxGrid Egress Policies Info +description: +- Get pxGrid Egress Policies Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + trust_sec_configuration.TrustSecConfiguration.get_egress_policies, + + - Paths used are + post /ise/config/trustsec/getEgressPolicies, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Egress Policies Info + cisco.ise.pxgrid_egress_policies_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoint_by_mac_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoint_by_mac_info.py new file mode 100644 index 00000000..49bcc5e5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoint_by_mac_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_endpoint_by_mac_info +short_description: Information module for pxGrid Endpoint By Mac Info +description: +- Get pxGrid Endpoint By Mac Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + mdm.Mdm.get_endpoint_by_mac_address, + + - Paths used are + post /ise/mdm/getEndpointByMacAddress, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Endpoint By Mac Info + cisco.ise.pxgrid_endpoint_by_mac_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_os_type_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_os_type_info.py new file mode 100644 index 00000000..15a6ff34 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_os_type_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_endpoints_by_os_type_info +short_description: Information module for pxGrid Endpoints By Os Type Info +description: +- Get pxGrid Endpoints By Os Type Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + mdm.Mdm.get_endpoints_by_os_type, + + - Paths used are + post /ise/mdm/getEndpointsByOsType, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Endpoints By Os Type Info + cisco.ise.pxgrid_endpoints_by_os_type_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_type_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_type_info.py new file mode 100644 index 00000000..bdedd95d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_by_type_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_endpoints_by_type_info +short_description: Information module for pxGrid Endpoints By Type Info +description: +- Get pxGrid Endpoints By Type Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + mdm.Mdm.get_endpoints_by_type, + + - Paths used are + post /ise/mdm/getEndpointsByType, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Endpoints By Type Info + cisco.ise.pxgrid_endpoints_by_type_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_info.py new file mode 100644 index 00000000..eec04621 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_endpoints_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_endpoints_info +short_description: Information module for pxGrid Endpoints Info +description: +- Get pxGrid Endpoints Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + mdm.Mdm.get_endpoints, + + - Paths used are + post /ise/mdm/getEndpoints, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Endpoints Info + cisco.ise.pxgrid_endpoints_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_failures_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_failures_info.py new file mode 100644 index 00000000..475b9224 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_failures_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_failures_info +short_description: Information module for pxGrid Failures +description: +- Get all pxGrid Failures. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + radius_failure.RadiusFailure.get_failures, + + - Paths used are + get /getFailures, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Failures + cisco.ise.pxgrid_failures_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_healths_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_healths_info.py new file mode 100644 index 00000000..d247161b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_healths_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_healths_info +short_description: Information module for pxGrid Healths Info +description: +- Get pxGrid Healths Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + system_health.SystemHealth.get_healths, + + - Paths used are + post /ise/system/getHealths, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Healths Info + cisco.ise.pxgrid_healths_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_approve.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_approve.py new file mode 100644 index 00000000..c58e4419 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_approve.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_node_approve +short_description: Resource module for pxGrid Node Approve +description: +- Manage operation update of the resource pxGrid Node Approve. +- This API allows the client to approve a pxGrid node. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + name: + description: Name path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_node.PxGridNode.approve_px_grid_node, + + - Paths used are + put /ers/config/pxgridnode/name/{name}/approve, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.pxgrid_node_approve: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_delete.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_delete.py new file mode 100644 index 00000000..5248f7a1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_delete.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_node_delete +short_description: Resource module for pxGrid Node Delete +description: +- Manage operation delete of the resource pxGrid Node Delete. +- This API deletes a pxGrid node by name. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + name: + description: Name path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_node.PxGridNode.delete_px_grid_node_by_name, + + - Paths used are + delete /ers/config/pxgridnode/name/{name}, + +""" + +EXAMPLES = r""" +- name: Delete by name + cisco.ise.pxgrid_node_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_info.py new file mode 100644 index 00000000..19f71636 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_node_info.py @@ -0,0 +1,128 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_node_info +short_description: Information module for pxGrid Node +description: +- Get all pxGrid Node. +- Get pxGrid Node by id. +- Get pxGrid Node by name. +- This API allows the client to get a pxGrid node by ID. +- This API allows the client to get a pxGrid node by name. +- This API allows the client to get all the npxGrid nodes. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_node.PxGridNode.get_px_grid_node_by_id, + px_grid_node.PxGridNode.get_px_grid_node_by_name, + px_grid_node.PxGridNode.get_px_grid_node_generator, + + - Paths used are + get /ers/config/pxgridnode, + get /ers/config/pxgridnode/name/{name}, + get /ers/config/pxgridnode/{id}, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Node + cisco.ise.pxgrid_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get pxGrid Node by id + cisco.ise.pxgrid_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get pxGrid Node by name + cisco.ise.pxgrid_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "status": "string", + "authMethod": "string", + "groups": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "status": "string", + "authMethod": "string", + "groups": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_performances_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_performances_info.py new file mode 100644 index 00000000..9f14887e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_performances_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_performances_info +short_description: Information module for pxGrid Performances Info +description: +- Get pxGrid Performances Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + system_health.SystemHealth.get_performances, + + - Paths used are + post /ise/system/getPerformances, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Performances Info + cisco.ise.pxgrid_performances_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_profiles_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_profiles_info.py new file mode 100644 index 00000000..94944e78 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_profiles_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_profiles_info +short_description: Information module for pxGrid Profiles Info +description: +- Get pxGrid Profiles Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + profiler.Profiler.get_profiles, + + - Paths used are + post /ise/config/profiler/getProfiles, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Profiles Info + cisco.ise.pxgrid_profiles_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_security_group_acls_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_security_group_acls_info.py new file mode 100644 index 00000000..b003c914 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_security_group_acls_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_security_group_acls_info +short_description: Information module for pxGrid Security Group ACLs Info +description: +- Get pxGrid Security Group ACLs Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + trust_sec_configuration.TrustSecConfiguration.get_security_group_acls, + + - Paths used are + post /ise/config/trustsec/getSecurityGroupAcls, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Security Group ACLs Info + cisco.ise.pxgrid_security_group_acls_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_security_groups_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_security_groups_info.py new file mode 100644 index 00000000..dd6867c4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_security_groups_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_security_groups_info +short_description: Information module for pxGrid Security Groups Info +description: +- Get pxGrid Security Groups Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + trust_sec_configuration.TrustSecConfiguration.get_security_groups, + + - Paths used are + post /ise/config/trustsec/getSecurityGroups, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Security Groups Info + cisco.ise.pxgrid_security_groups_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_lookup.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_lookup.py new file mode 100644 index 00000000..5787aecb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_lookup.py @@ -0,0 +1,51 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_service_lookup +short_description: Resource module for pxGrid Service Lookup +description: +- Manage operation create of the resource pxGrid Service Lookup. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + name: + description: pxGrid Service Lookup's name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + consumer.Consumer.lookup_service, + + - Paths used are + post /control/ServiceLookup, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_service_lookup: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: com.cisco.ise.pubsub + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_register.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_register.py new file mode 100644 index 00000000..c78f2df8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_register.py @@ -0,0 +1,51 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_service_register +short_description: Resource module for pxGrid Service Register +description: +- Manage operation create of the resource pxGrid Service Register. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + name: + description: pxGrid Service Register's name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + provider.Provider.register_service, + + - Paths used are + post /control/ServiceRegister, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_service_register: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: com.cisco.ise.pubsub + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_reregister.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_reregister.py new file mode 100644 index 00000000..a79a00dd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_reregister.py @@ -0,0 +1,47 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_service_reregister +short_description: Resource module for pxGrid Service Reregister +description: +- Manage operation create of the resource pxGrid Service Reregister. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + provider.Provider.reregister_service, + + - Paths used are + post /control/ServiceReregister, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_service_reregister: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_unregister.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_unregister.py new file mode 100644 index 00000000..f0316a4f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_service_unregister.py @@ -0,0 +1,47 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_service_unregister +short_description: Resource module for pxGrid Service Unregister +description: +- Manage operation create of the resource pxGrid Service Unregister. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + provider.Provider.unregister_service, + + - Paths used are + post /control/ServiceUnregister, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.pxgrid_service_unregister: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_ip_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_ip_info.py new file mode 100644 index 00000000..6260c36e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_ip_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_session_by_ip_info +short_description: Information module for pxGrid Session By Ip Info +description: +- Get pxGrid Session By Ip Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + session_directory.SessionDirectory.get_session_by_ip_address, + + - Paths used are + post /ise/session/getSessionByIpAddress, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Session By Ip Info + cisco.ise.pxgrid_session_by_ip_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_mac_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_mac_info.py new file mode 100644 index 00000000..6ddea664 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_by_mac_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_session_by_mac_info +short_description: Information module for pxGrid Session By Mac Info +description: +- Get pxGrid Session By Mac Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + session_directory.SessionDirectory.get_session_by_mac_address, + + - Paths used are + post /ise/session/getSessionByMacAddress, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Session By Mac Info + cisco.ise.pxgrid_session_by_mac_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_for_recovery_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_for_recovery_info.py new file mode 100644 index 00000000..c9b3c975 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_session_for_recovery_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_session_for_recovery_info +short_description: Information module for pxGrid Session For Recovery Info +description: +- Get pxGrid Session For Recovery Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + session_directory.SessionDirectory.get_sessions_for_recovery, + + - Paths used are + post /ise/session/getSessionsForRecovery, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Session For Recovery Info + cisco.ise.pxgrid_session_for_recovery_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_sessions_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_sessions_info.py new file mode 100644 index 00000000..bf910ac3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_sessions_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_sessions_info +short_description: Information module for pxGrid Sessions Info +description: +- Get pxGrid Sessions Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + session_directory.SessionDirectory.get_sessions, + + - Paths used are + post /ise/session/getSessions, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid Sessions Info + cisco.ise.pxgrid_sessions_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_settings_auto_approve.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_settings_auto_approve.py new file mode 100644 index 00000000..fb1b90ca --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_settings_auto_approve.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_settings_auto_approve +short_description: Resource module for pxGrid Settings Auto Approve +description: +- Manage operation update of the resource pxGrid Settings Auto Approve. +- This API allows the client to auto approve the pxGrid settings. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowPasswordBasedAccounts: + description: Allow password based accounts when true. + type: bool + autoApproveCertBasedAccounts: + description: Auto approve certificate based accounts when true. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + px_grid_settings.PxGridSettings.autoapprove_px_grid_settings, + + - Paths used are + put /ers/config/pxgridsettings/autoapprove, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.pxgrid_settings_auto_approve: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + allowPasswordBasedAccounts: true + autoApproveCertBasedAccounts: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_user_group_by_username_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_user_group_by_username_info.py new file mode 100644 index 00000000..a7667adb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_user_group_by_username_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_user_group_by_username_info +short_description: Information module for pxGrid User Group By Username Info +description: +- Get pxGrid User Group By Username Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + session_directory.SessionDirectory.get_user_group_by_user_name, + + - Paths used are + post /ise/session/getUserGroupByUserName, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid User Group By Username Info + cisco.ise.pxgrid_user_group_by_username_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/pxgrid_user_groups_info.py b/ansible_collections/cisco/ise/plugins/modules/pxgrid_user_groups_info.py new file mode 100644 index 00000000..407c42f8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/pxgrid_user_groups_info.py @@ -0,0 +1,48 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: pxgrid_user_groups_info +short_description: Information module for pxGrid User Groups Info +description: +- Get pxGrid User Groups Info. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + session_directory.SessionDirectory.get_user_groups, + + - Paths used are + post /ise/session/getUserGroups, + +""" + +EXAMPLES = r""" +- name: Get all pxGrid User Groups Info + cisco.ise.pxgrid_user_groups_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/radius_server_sequence.py b/ansible_collections/cisco/ise/plugins/modules/radius_server_sequence.py new file mode 100644 index 00000000..6bf112bd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/radius_server_sequence.py @@ -0,0 +1,267 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: radius_server_sequence +short_description: Resource module for RADIUS Server Sequence +description: +- Manage operations create, update and delete of the resource RADIUS Server Sequence. +- This API creates a RADIUS server sequence. +- This API deletes a RADIUS server sequence. +- This API allows the client to update a RADIUS server sequence. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + BeforeAcceptAttrManipulatorsList: + description: The beforeAcceptAttrManipulators is required only if useAttrSetBeforeAcc + is true. + elements: dict + suboptions: + action: + description: Allowed Values - ADD, - UPDATE, - REMOVE, - REMOVEANY. + type: str + attributeName: + description: RADIUS Server Sequence's attributeName. + type: str + changedVal: + description: The changedVal is required only if the action equals to 'UPDATE'. + type: str + dictionaryName: + description: RADIUS Server Sequence's dictionaryName. + type: str + value: + description: RADIUS Server Sequence's value. + type: str + type: list + OnRequestAttrManipulatorList: + description: The onRequestAttrManipulators is required only if useAttrSetOnRequest + is true. + elements: dict + suboptions: + action: + description: Allowed Values - ADD, - UPDATE, - REMOVE, - REMOVEANY. + type: str + attributeName: + description: RADIUS Server Sequence's attributeName. + type: str + changedVal: + description: The changedVal is required only if the action equals to 'UPDATE'. + type: str + dictionaryName: + description: RADIUS Server Sequence's dictionaryName. + type: str + value: + description: RADIUS Server Sequence's value. + type: str + type: list + RADIUSServerList: + description: RADIUS Server Sequence's RADIUSServerList. + elements: str + type: list + continueAuthorzPolicy: + description: ContinueAuthorzPolicy flag. + type: bool + description: + description: RADIUS Server Sequence's description. + type: str + id: + description: RADIUS Server Sequence's id. + type: str + localAccounting: + description: LocalAccounting flag. + type: bool + name: + description: RADIUS Server Sequence's name. + type: str + prefixSeparator: + description: The prefixSeparator is required only if stripPrefix is true. The maximum + length is 1 character. + type: str + remoteAccounting: + description: RemoteAccounting flag. + type: bool + stripPrefix: + description: StripPrefix flag. + type: bool + stripSuffix: + description: StripSuffix flag. + type: bool + suffixSeparator: + description: The suffixSeparator is required only if stripSuffix is true. The maximum + length is 1 character. + type: str + useAttrSetBeforeAcc: + description: UseAttrSetBeforeAcc flag. + type: bool + useAttrSetOnRequest: + description: UseAttrSetOnRequest flag. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + radius_server_sequence.RadiusServerSequence.create_radius_server_sequence, + radius_server_sequence.RadiusServerSequence.delete_radius_server_sequence_by_id, + radius_server_sequence.RadiusServerSequence.update_radius_server_sequence_by_id, + + - Paths used are + post /ers/config/radiusserversequence, + delete /ers/config/radiusserversequence/{id}, + put /ers/config/radiusserversequence/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.radius_server_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + BeforeAcceptAttrManipulatorsList: + - action: string + attributeName: string + changedVal: string + dictionaryName: string + value: string + OnRequestAttrManipulatorList: + - action: string + attributeName: string + changedVal: string + dictionaryName: string + value: string + RadiusServerList: + - string + continueAuthorzPolicy: true + description: string + id: string + localAccounting: true + name: string + prefixSeparator: string + remoteAccounting: true + stripPrefix: true + stripSuffix: true + suffixSeparator: string + useAttrSetBeforeAcc: true + useAttrSetOnRequest: true + +- name: Delete by id + cisco.ise.radius_server_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.radius_server_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + BeforeAcceptAttrManipulatorsList: + - action: string + attributeName: string + changedVal: string + dictionaryName: string + value: string + OnRequestAttrManipulatorList: + - action: string + attributeName: string + changedVal: string + dictionaryName: string + value: string + RadiusServerList: + - string + continueAuthorzPolicy: true + description: string + localAccounting: true + name: string + prefixSeparator: string + remoteAccounting: true + stripPrefix: true + stripSuffix: true + suffixSeparator: string + useAttrSetBeforeAcc: true + useAttrSetOnRequest: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "stripPrefix": true, + "stripSuffix": true, + "prefixSeparator": "string", + "suffixSeparator": "string", + "remoteAccounting": true, + "localAccounting": true, + "useAttrSetOnRequest": true, + "useAttrSetBeforeAcc": true, + "continueAuthorzPolicy": true, + "RadiusServerList": [ + "string" + ], + "OnRequestAttrManipulatorList": [ + { + "action": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string", + "changedVal": "string" + } + ], + "BeforeAcceptAttrManipulatorsList": [ + { + "action": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string", + "changedVal": "string" + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/radius_server_sequence_info.py b/ansible_collections/cisco/ise/plugins/modules/radius_server_sequence_info.py new file mode 100644 index 00000000..91097fdd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/radius_server_sequence_info.py @@ -0,0 +1,165 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: radius_server_sequence_info +short_description: Information module for RADIUS Server Sequence +description: +- Get all RADIUS Server Sequence. +- Get RADIUS Server Sequence by id. +- This API allows the client to get a RADIUS server sequence by ID. +- This API allows the client to get all the RADIUS server sequences. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + radius_server_sequence.RadiusServerSequence.get_radius_server_sequence_by_id, + radius_server_sequence.RadiusServerSequence.get_radius_server_sequence_generator, + + - Paths used are + get /ers/config/radiusserversequence, + get /ers/config/radiusserversequence/{id}, + +""" + +EXAMPLES = r""" +- name: Get all RADIUS Server Sequence + cisco.ise.radius_server_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get RADIUS Server Sequence by id + cisco.ise.radius_server_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "stripPrefix": true, + "stripSuffix": true, + "prefixSeparator": "string", + "suffixSeparator": "string", + "remoteAccounting": true, + "localAccounting": true, + "useAttrSetOnRequest": true, + "useAttrSetBeforeAcc": true, + "continueAuthorzPolicy": true, + "RadiusServerList": [ + "string" + ], + "OnRequestAttrManipulatorList": [ + { + "action": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string", + "changedVal": "string" + } + ], + "BeforeAcceptAttrManipulatorsList": [ + { + "action": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string", + "changedVal": "string" + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "stripPrefix": true, + "stripSuffix": true, + "prefixSeparator": "string", + "suffixSeparator": "string", + "remoteAccounting": true, + "localAccounting": true, + "useAttrSetOnRequest": true, + "useAttrSetBeforeAcc": true, + "continueAuthorzPolicy": true, + "RadiusServerList": [ + "string" + ], + "OnRequestAttrManipulatorList": [ + { + "action": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string", + "changedVal": "string" + } + ], + "BeforeAcceptAttrManipulatorsList": [ + { + "action": "string", + "dictionaryName": "string", + "attributeName": "string", + "value": "string", + "changedVal": "string" + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/renew_certificate.py b/ansible_collections/cisco/ise/plugins/modules/renew_certificate.py new file mode 100644 index 00000000..d91ea35b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/renew_certificate.py @@ -0,0 +1,67 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: renew_certificate +short_description: Resource module for Renew Certificate +description: +- Manage operation create of the resource Renew Certificate. +- This API initiates regeneration of certificates. Response contains ID which can be used to track the status. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + certType: + description: Renew Certificate's certType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.renew_certificates, + + - Paths used are + post /api/v1/certs/renew-certificate, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.renew_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + certType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/repository.py b/ansible_collections/cisco/ise/plugins/modules/repository.py new file mode 100644 index 00000000..a9236c8f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/repository.py @@ -0,0 +1,138 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: repository +short_description: Resource module for Repository +description: +- Manage operations create, update and delete of the resource Repository. +- Create a new repository in the system. The name provided for the repository must be unique. +- Long description TBD. +- Update the definition of a specific repository, providing ALL parameters for the repository. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + enablePki: + description: EnablePki flag. + type: bool + name: + description: Repository name should be less than 80 characters and can contain alphanumeric, + underscore, hyphen and dot characters. + type: str + password: + description: Password can contain alphanumeric and/or special characters. + type: str + path: + description: Path should always start with "/" and can contain alphanumeric, underscore, + hyphen and dot characters. + type: str + protocol: + description: Repository's protocol. + type: str + repositoryName: + description: RepositoryName path parameter. Unique name for a repository. + type: str + serverName: + description: Repository's serverName. + type: str + userName: + description: Username may contain alphanumeric and _-./@\\$ characters. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Repository + description: Complete reference of the Repository API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!repository-openapi +notes: + - SDK Method used are + repository.Repository.create_repository, + repository.Repository.delete_repository, + repository.Repository.update_repository, + + - Paths used are + post /api/v1/repository, + delete /api/v1/repository/{repositoryName}, + put /api/v1/repository/{repositoryName}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.repository: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + enablePki: true + name: string + password: string + path: string + protocol: string + serverName: string + userName: string + +- name: Update by name + cisco.ise.repository: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + enablePki: true + name: string + password: string + path: string + protocol: string + repositoryName: string + serverName: string + userName: string + +- name: Delete by name + cisco.ise.repository: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + repositoryName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "name": "string", + "protocol": "string", + "path": "string", + "password": "string", + "serverName": "string", + "userName": "string", + "enablePki": true + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "success": { + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/repository_files_info.py b/ansible_collections/cisco/ise/plugins/modules/repository_files_info.py new file mode 100644 index 00000000..c70d8b7b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/repository_files_info.py @@ -0,0 +1,61 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: repository_files_info +short_description: Information module for Repository Files +description: +- Get all Repository Files. +- This will get the full list of files present in the named repository. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + repositoryName: + description: + - RepositoryName path parameter. Unique name for a repository. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Repository + description: Complete reference of the Repository API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!repository-openapi +notes: + - SDK Method used are + repository.Repository.get_repository_files, + + - Paths used are + get /api/v1/repository/{repositoryName}/files, + +""" + +EXAMPLES = r""" +- name: Get all Repository Files + cisco.ise.repository_files_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + repositoryName: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: str + sample: > + [ + "string" + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/repository_info.py b/ansible_collections/cisco/ise/plugins/modules/repository_info.py new file mode 100644 index 00000000..524e63a9 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/repository_info.py @@ -0,0 +1,78 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: repository_info +short_description: Information module for Repository +description: +- Get all Repository. +- Get Repository by name. +- Get a specific repository identified by the name passed in the URL. +- This will get the full list of repository definitions on the system. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + repositoryName: + description: + - RepositoryName path parameter. Unique name for a repository. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Repository + description: Complete reference of the Repository API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!repository-openapi +notes: + - SDK Method used are + repository.Repository.get_repositories, + repository.Repository.get_repository, + + - Paths used are + get /api/v1/repository, + get /api/v1/repository/{repositoryName}, + +""" + +EXAMPLES = r""" +- name: Get all Repository + cisco.ise.repository_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Repository by name + cisco.ise.repository_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + repositoryName: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "name": "string", + "protocol": "string", + "path": "string", + "password": "string", + "serverName": "string", + "userName": "string", + "enablePki": true + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/resource_version_info.py b/ansible_collections/cisco/ise/plugins/modules/resource_version_info.py new file mode 100644 index 00000000..b8989b7b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/resource_version_info.py @@ -0,0 +1,62 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: resource_version_info +short_description: Information module for Resource Version +description: +- Get all Resource Version. +- Get all VersionInfo. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + resource: + description: + - Resource path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + version_info.VersionInfo.get_version_info, + + - Paths used are + get /ers/config/{resource}/versioninfo, + +""" + +EXAMPLES = r""" +- name: Get all Resource Version + cisco.ise.resource_version_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + resource: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "currentServerVersion": "string", + "supportedVersions": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/rest_id_store.py b/ansible_collections/cisco/ise/plugins/modules/rest_id_store.py new file mode 100644 index 00000000..f39aaf8d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/rest_id_store.py @@ -0,0 +1,199 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: rest_id_store +short_description: Resource module for REST Id Store +description: +- Manage operations create, update and delete of the resource REST Id Store. +- This API creates a REST ID store. +- This API deletes a REST ID store by name. +- This API deletes a REST ID store. +- This API allows the client to update a REST ID store by name. +- This API allows the client to update a REST ID store. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: REST Id Store's description. + type: str + ersRESTIDStoreAttributes: + description: REST Id Store's ersRESTIDStoreAttributes. + suboptions: + headers: + description: REST Id Store's headers. + elements: dict + suboptions: + key: + description: REST Id Store's key. + type: str + value: + description: REST Id Store's value. + type: str + type: list + predefined: + description: The cloud provider connected to of the RESTIDStore. Options are + - Azure, - Okta, - None. + type: str + rootUrl: + description: Url of the root of the RESTIDStore. + type: str + usernameSuffix: + description: Suffix of the username domain. + type: str + type: dict + id: + description: REST Id Store's id. + type: str + name: + description: REST Id Store's name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + restid_store.RestidStore.create_rest_id_store, + restid_store.RestidStore.delete_rest_id_store_by_id, + restid_store.RestidStore.delete_rest_id_store_by_name, + restid_store.RestidStore.update_rest_id_store_by_id, + restid_store.RestidStore.update_rest_id_store_by_name, + + - Paths used are + post /ers/config/restidstore, + delete /ers/config/restidstore/name/{name}, + delete /ers/config/restidstore/{id}, + put /ers/config/restidstore/name/{name}, + put /ers/config/restidstore/{id}, + +""" + +EXAMPLES = r""" +- name: Update by name + cisco.ise.rest_id_store: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + ersRestIDStoreAttributes: + headers: + - key: string + value: string + predefined: string + rootUrl: string + usernameSuffix: string + id: string + name: string + +- name: Delete by name + cisco.ise.rest_id_store: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + name: string + +- name: Update by id + cisco.ise.rest_id_store: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + ersRestIDStoreAttributes: + headers: + - key: string + value: string + predefined: string + rootUrl: string + usernameSuffix: string + id: string + name: string + +- name: Delete by id + cisco.ise.rest_id_store: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.rest_id_store: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + ersRestIDStoreAttributes: + headers: + - key: string + value: string + predefined: string + rootUrl: string + usernameSuffix: string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "ersRestIDStoreAttributes": { + "usernameSuffix": "string", + "rootUrl": "string", + "predefined": "string", + "headers": [ + { + "key": "string", + "value": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/rest_id_store_info.py b/ansible_collections/cisco/ise/plugins/modules/rest_id_store_info.py new file mode 100644 index 00000000..f9d5a1cd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/rest_id_store_info.py @@ -0,0 +1,182 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: rest_id_store_info +short_description: Information module for REST Id Store +description: +- Get all REST Id Store. +- Get REST Id Store by id. +- Get REST Id Store by name. +- This API allows the client to get a REST ID store by ID. +- This API allows the client to get a REST ID store by name. +- This API allows the client to get all the REST ID stores. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + restid_store.RestidStore.get_rest_id_store_by_id, + restid_store.RestidStore.get_rest_id_store_by_name, + restid_store.RestidStore.get_rest_id_store_generator, + + - Paths used are + get /ers/config/restidstore, + get /ers/config/restidstore/name/{name}, + get /ers/config/restidstore/{id}, + +""" + +EXAMPLES = r""" +- name: Get all REST Id Store + cisco.ise.rest_id_store_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get REST Id Store by id + cisco.ise.rest_id_store_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get REST Id Store by name + cisco.ise.rest_id_store_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "ersRestIDStoreAttributes": { + "usernameSuffix": "string", + "rootUrl": "string", + "predefined": "string", + "headers": [ + { + "key": "string", + "value": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "ersRestIDStoreAttributes": { + "usernameSuffix": "string", + "rootUrl": "string", + "predefined": "string", + "headers": [ + { + "key": "string", + "value": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/self_registered_portal.py b/ansible_collections/cisco/ise/plugins/modules/self_registered_portal.py new file mode 100644 index 00000000..a7b264ff --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/self_registered_portal.py @@ -0,0 +1,1392 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: self_registered_portal +short_description: Resource module for Self Registered Portal +description: +- Manage operations create, update and delete of the resource Self Registered Portal. +- This API creates a self registered portal. +- This API deletes a self registered portal by ID. +- This API allows the client to update a self registered portal by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customizations: + description: Defines all of the Portal Customizations available. + suboptions: + globalCustomizations: + description: Self Registered Portal's globalCustomizations. + suboptions: + backgroundImage: + description: Self Registered Portal's backgroundImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerImage: + description: Self Registered Portal's bannerImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerTitle: + description: Self Registered Portal's bannerTitle. + type: str + contactText: + description: Self Registered Portal's contactText. + type: str + desktopLogoImage: + description: Self Registered Portal's desktopLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + footerElement: + description: Self Registered Portal's footerElement. + type: str + mobileLogoImage: + description: Self Registered Portal's mobileLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + type: dict + language: + description: This property is supported only for Read operation and it allows + to show the customizations in English. Other languages are not supported. + suboptions: + viewLanguage: + description: Self Registered Portal's viewLanguage. + type: str + type: dict + pageCustomizations: + description: Represent the entire page customization as a giant dictionary. + suboptions: + data: + description: The Dictionary will be exposed here as key value pair. + elements: dict + suboptions: + key: + description: Self Registered Portal's key. + type: str + value: + description: Self Registered Portal's value. + type: str + type: list + type: dict + portalTheme: + description: Self Registered Portal's portalTheme. + suboptions: + id: + description: Self Registered Portal's id. + type: str + name: + description: The system- or user-assigned name of the portal theme. + type: str + themeData: + description: A CSS file, represented as a Base64-encoded byte array. + type: str + type: dict + portalTweakSettings: + description: The Tweak Settings are a customization of the Portal Theme that + has been selected for the portal. When the Portal Theme selection is changed, + the Tweak Settings are overwritten to match the values in the theme. The Tweak + Settings can subsequently be changed by the user. + suboptions: + bannerColor: + description: Hex value of color. + type: str + bannerTextColor: + description: Self Registered Portal's bannerTextColor. + type: str + pageBackgroundColor: + description: Self Registered Portal's pageBackgroundColor. + type: str + pageLabelAndTextColor: + description: Self Registered Portal's pageLabelAndTextColor. + type: str + type: dict + type: dict + description: + description: Self Registered Portal's description. + type: str + id: + description: Self Registered Portal's id. + type: str + name: + description: Self Registered Portal's name. + type: str + portalTestUrl: + description: URL to bring up a test page for this portal. + type: str + portalType: + description: Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, + - SPONSOR, - SPONSOREDGUEST. + type: str + settings: + description: Defines all of the settings groups available for a portal. + suboptions: + aupSettings: + description: Self Registered Portal's aupSettings. + suboptions: + displayFrequency: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed Values - FIRSTLOGIN, - EVERYLOGIN, + - RECURRING. + type: str + displayFrequencyIntervalDays: + description: Number of days between AUP confirmations (when displayFrequency + = recurring). + type: int + includeAup: + description: Require the portal user to read and accept an AUP. + type: bool + requireAupScrolling: + description: Require the portal user to scroll to the end of the AUP. Only + valid if requireAupAcceptance = true. + type: bool + requireScrolling: + description: RequireScrolling flag. + type: bool + skipAupForEmployees: + description: Only valid if requireAupAcceptance = trueG. + type: bool + useDiffAupForEmployees: + description: Only valid if requireAupAcceptance = trueG. + type: bool + type: dict + authSuccessSettings: + description: Self Registered Portal's authSuccessSettings. + suboptions: + redirectUrl: + description: Self Registered Portal's redirectUrl. + type: str + successRedirect: + description: Self Registered Portal's successRedirect. + type: str + type: dict + byodSettings: + description: Configuration of BYOD Device Welcome, Registration and Success + steps. + suboptions: + byodRegistrationSettings: + description: Configuration of BYOD endpoint Registration step configuration. + suboptions: + endPointIdentityGroupId: + description: Identity group id for which endpoint belongs. + type: str + showDeviceID: + description: Display Device ID field during registration. + type: bool + type: dict + byodRegistrationSuccessSettings: + description: Configuration of BYOD endpoint Registration Success step configuration. + suboptions: + redirectUrl: + description: Target URL for redirection, used when successRedirect = + URL. + type: str + successRedirect: + description: After an Authentication Success where should device be + redirected. Allowed values - AUTHSUCCESSPAGE, - ORIGINATINGURL, - + URL. + type: str + type: dict + byodWelcomeSettings: + description: Configuration of BYOD endpoint welcome step configuration. + suboptions: + aupDisplay: + description: How the AUP should be displayed, either on page or as a + link. Only valid if includeAup = true. Allowed values - ONPAGE, - + ASLINK. + type: str + enableBYOD: + description: EnableBYOD flag. + type: bool + enableGuestAccess: + description: EnableGuestAccess flag. + type: bool + includeAup: + description: IncludeAup flag. + type: bool + requireAupAcceptance: + description: RequireAupAcceptance flag. + type: bool + requireMDM: + description: RequireMDM flag. + type: bool + requireScrolling: + description: Require BYOD devices to scroll down to the bottom of the + AUP, Only valid if includeAup = true. + type: bool + type: dict + type: dict + guestChangePasswordSettings: + description: Self Registered Portal's guestChangePasswordSettings. + suboptions: + allowChangePasswdAtFirstLogin: + description: Allow guest to change their own passwords. + type: bool + type: dict + guestDeviceRegistrationSettings: + description: Self Registered Portal's guestDeviceRegistrationSettings. + suboptions: + allowGuestsToRegisterDevices: + description: Allow guests to register devices. + type: bool + autoRegisterGuestDevices: + description: Automatically register guest devices. + type: bool + type: dict + loginPageSettings: + description: Portal Login Page settings groups follow. + suboptions: + accessCode: + description: Access code that must be entered by the portal user (only valid + if requireAccessCode = true). + type: str + allowAlternateGuestPortal: + description: AllowAlternateGuestPortal flag. + type: bool + allowForgotPassword: + description: AllowForgotPassword flag. + type: bool + allowGuestToChangePassword: + description: Require the portal user to enter an access code. + type: bool + allowGuestToCreateAccounts: + description: AllowGuestToCreateAccounts flag. + type: bool + allowGuestToUseSocialAccounts: + description: AllowGuestToUseSocialAccounts flag. + type: bool + allowShowGuestForm: + description: AllowShowGuestForm flag. + type: bool + alternateGuestPortal: + description: Self Registered Portal's alternateGuestPortal. + type: str + aupDisplay: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. + type: str + includeAup: + description: Include an Acceptable Use Policy (AUP) that should be displayed + during login. + type: bool + maxFailedAttemptsBeforeRateLimit: + description: Maximum failed login attempts before rate limiting. + type: int + requireAccessCode: + description: Require the portal user to enter an access code. + type: bool + requireAupAcceptance: + description: Require the portal user to accept the AUP. Only valid if includeAup + = true. + type: bool + socialConfigs: + description: Self Registered Portal's socialConfigs. + elements: dict + suboptions: + socialMediaType: + description: Self Registered Portal's socialMediaType. + type: str + socialMediaValue: + description: Self Registered Portal's socialMediaValue. + type: str + type: list + timeBetweenLoginsDuringRateLimit: + description: Time between login attempts when rate limiting. + type: int + type: dict + portalSettings: + description: The port, interface, certificate, and other basic settings of a + portal. + suboptions: + allowedInterfaces: + description: Interfaces that the portal will be reachable on. Allowed values + - eth0, - eth1, - eth2, - eth3, - eth4, - eth5, - bond0, - bond1, - bond2. + elements: str + type: list + alwaysUsedLanguage: + description: Self Registered Portal's alwaysUsedLanguage. + type: str + assignedGuestTypeForEmployee: + description: Unique Id of a guest type. Employees using this portal as a + guest inherit login options from the guest type. + type: str + authenticationMethod: + description: Unique Id of the identity source sequence. + type: str + certificateGroupTag: + description: Logical name of the x.509 server certificate that will be used + for the portal. + type: str + displayLang: + description: Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. + type: str + fallbackLanguage: + description: Used when displayLang = USEBROWSERLOCALE. + type: str + httpsPort: + description: The port number that the allowed interfaces will listen on. + Range from 8000 to 8999. + type: int + type: dict + postAccessBannerSettings: + description: Self Registered Portal's postAccessBannerSettings. + suboptions: + includePostAccessBanner: + description: IncludePostAccessBanner flag. + type: bool + type: dict + postLoginBannerSettings: + description: Self Registered Portal's postLoginBannerSettings. + suboptions: + includePostAccessBanner: + description: Include a Post-Login Banner page. + type: bool + type: dict + selfRegPageSettings: + description: Self Registered Portal's selfRegPageSettings. + suboptions: + accountValidityDuration: + description: Self-registered guest account is valid for this many account_validity_time_units. + type: int + accountValidityTimeUnits: + description: Time units for account_validity_duration. Allowed Values - + DAYS, - HOURS, - MINUTES. + type: str + allowGraceAccess: + description: AllowGraceAccess flag. + type: bool + approvalEmailAddresses: + description: Only valid if requireGuestApproval = true and sendApprovalRequestTo + = SELECTEDEMAILADDRESSES. + type: str + approveDenyLinksTimeUnits: + description: This attribute, along with approveDenyLinksValidFor, specifies + how long the link can be used. Only valid if requireGuestApproval = true. + Allowed Values - DAYS, - HOURS, - MINUTES. + type: str + approveDenyLinksValidFor: + description: This attribute, along with approveDenyLinksTimeUnits, specifies + how long the link can be used. Only valid if requireGuestApproval = true. + type: int + assignGuestsToGuestType: + description: Guests are assigned to this guest type. + type: str + aupDisplay: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. + type: str + authenticateSponsorsUsingPortalList: + description: AuthenticateSponsorsUsingPortalList flag. + type: bool + autoLoginSelfWait: + description: Allow guests to login automatically from self-registration + after sponsor's approval. No need to provide the credentials by guest + to login. + type: bool + autoLoginTimePeriod: + description: Waiting period for auto login until sponsor's approval. If + time exceeds, guest has to login manually by providing the credentials. + Default value is 5 minutes. + type: int + credentialNotificationUsingEmail: + description: If true, send credential notification upon approval using email. + Only valid if requireGuestApproval = true. + type: bool + credentialNotificationUsingSMS: + description: If true, send credential notification upon approval using SMS. + Only valid if requireGuestApproval = true. + type: bool + enableGuestEmailBlacklist: + description: Disallow guests with an e-mail address from selected domains. + type: bool + enableGuestEmailWhitelist: + description: Allow guests with an e-mail address from selected domains. + type: bool + fieldCompany: + description: Self Registered Portal's fieldCompany. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldEmailAddr: + description: Self Registered Portal's fieldEmailAddr. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldFirstName: + description: Self Registered Portal's fieldFirstName. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldLastName: + description: Self Registered Portal's fieldLastName. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldLocation: + description: Self Registered Portal's fieldLocation. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldPersonBeingVisited: + description: Self Registered Portal's fieldPersonBeingVisited. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldPhoneNo: + description: Self Registered Portal's fieldPhoneNo. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldReasonForVisit: + description: Self Registered Portal's fieldReasonForVisit. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldSMSProvider: + description: Self Registered Portal's fieldSMSProvider. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + fieldUserName: + description: Self Registered Portal's fieldUserName. + suboptions: + include: + description: Include flag. + type: bool + require: + description: Only applicable if include = true. + type: bool + type: dict + graceAccessExpireInterval: + description: Self Registered Portal's graceAccessExpireInterval. + type: int + graceAccessSendAccountExpiration: + description: GraceAccessSendAccountExpiration flag. + type: bool + guestEmailBlacklistDomains: + description: Disallow guests with an e-mail address from selected domains. + elements: str + type: list + guestEmailWhitelistDomains: + description: Self-registered guests whose e-mail address is in one of these + domains will be allowed. Only valid if enableGuestEmailWhitelist = true. + elements: str + type: list + includeAup: + description: Include an Acceptable Use Policy (AUP) that should be displayed + during login. + type: bool + postRegistrationRedirect: + description: After the registration submission direct the guest user to + one of the following pages. Only valid if requireGuestApproval = true. + Allowed Values - SELFREGISTRATIONSUCCESS, - LOGINPAGEWITHINSTRUCTIONS + - URL. + type: str + postRegistrationRedirectUrl: + description: URL where guest user is redirected after registration. Only + valid if requireGuestApproval = true and postRegistrationRedirect = URL. + type: str + registrationCode: + description: The registration code that the guest user must enter. + type: str + requireApproverToAuthenticate: + description: When self-registered guests require approval, an approval request + is e-mailed to one or more sponsor users. If the Cisco ISE Administrator + chooses to include an approval link in the e-mail, a sponsor user who + clicks the link will be required to enter their username and password + if this attribute is true. Only valid if requireGuestApproval = true. + type: bool + requireAupAcceptance: + description: Require the portal user to accept the AUP. Only valid if includeAup + = true. + type: bool + requireGuestApproval: + description: Require self-registered guests to be approved if true. + type: bool + requireRegistrationCode: + description: Self-registered guests are required to enter a registration + code. + type: bool + selectableLocations: + description: Guests can choose from these locations to set their time zone. + elements: str + type: list + selectableSMSProviders: + description: This attribute is an array of SMS provider names. + elements: str + type: list + sendApprovalRequestTo: + description: Specifies where approval requests are sent. Only valid if requireGuestApproval + = true. Allowed Values - SELECTEDEMAILADDRESSES, - PERSONBEINGVISITED. + type: str + sponsorPortalList: + description: Self Registered Portal's sponsorPortalList. + elements: str + type: list + type: dict + selfRegSuccessSettings: + description: Self Registered Portal's selfRegSuccessSettings. + suboptions: + allowGuestLoginFromSelfregSuccessPage: + description: AllowGuestLoginFromSelfregSuccessPage flag. + type: bool + allowGuestSendSelfUsingEmail: + description: AllowGuestSendSelfUsingEmail flag. + type: bool + allowGuestSendSelfUsingPrint: + description: AllowGuestSendSelfUsingPrint flag. + type: bool + allowGuestSendSelfUsingSMS: + description: AllowGuestSendSelfUsingSMS flag. + type: bool + aupOnPage: + description: AupOnPage flag. + type: bool + includeAup: + description: IncludeAup flag. + type: bool + includeCompany: + description: IncludeCompany flag. + type: bool + includeEmailAddr: + description: IncludeEmailAddr flag. + type: bool + includeFirstName: + description: IncludeFirstName flag. + type: bool + includeLastName: + description: IncludeLastName flag. + type: bool + includeLocation: + description: IncludeLocation flag. + type: bool + includePassword: + description: IncludePassword flag. + type: bool + includePersonBeingVisited: + description: IncludePersonBeingVisited flag. + type: bool + includePhoneNo: + description: IncludePhoneNo flag. + type: bool + includeReasonForVisit: + description: IncludeReasonForVisit flag. + type: bool + includeSMSProvider: + description: IncludeSMSProvider flag. + type: bool + includeUserName: + description: IncludeUserName flag. + type: bool + requireAupAcceptance: + description: RequireAupAcceptance flag. + type: bool + requireAupScrolling: + description: RequireAupScrolling flag. + type: bool + type: dict + supportInfoSettings: + description: Self Registered Portal's supportInfoSettings. + suboptions: + defaultEmptyFieldValue: + description: The default value displayed for an empty field. Only valid + when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. + type: str + emptyFieldDisplay: + description: Specifies how empty fields are handled on the Support Information + Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. + type: str + includeBrowserUserAgent: + description: IncludeBrowserUserAgent flag. + type: bool + includeFailureCode: + description: IncludeFailureCode flag. + type: bool + includeIpAddress: + description: IncludeIpAddress flag. + type: bool + includeMacAddr: + description: IncludeMacAddr flag. + type: bool + includePolicyServer: + description: IncludePolicyServer flag. + type: bool + includeSupportInfoPage: + description: IncludeSupportInfoPage flag. + type: bool + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SelfRegisteredPortal + description: Complete reference of the SelfRegisteredPortal API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!selfregportal +notes: + - SDK Method used are + self_registered_portal.SelfRegisteredPortal.create_self_registered_portal, + self_registered_portal.SelfRegisteredPortal.delete_self_registered_portal_by_id, + self_registered_portal.SelfRegisteredPortal.update_self_registered_portal_by_id, + + - Paths used are + post /ers/config/selfregportal, + delete /ers/config/selfregportal/{id}, + put /ers/config/selfregportal/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.self_registered_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireAupScrolling: true + requireScrolling: true + skipAupForEmployees: true + useDiffAupForEmployees: true + authSuccessSettings: + redirectUrl: string + successRedirect: string + byodSettings: + byodRegistrationSettings: + endPointIdentityGroupId: string + showDeviceID: true + byodRegistrationSuccessSettings: + redirectUrl: string + successRedirect: string + byodWelcomeSettings: + aupDisplay: string + enableBYOD: true + enableGuestAccess: true + includeAup: true + requireAupAcceptance: true + requireMDM: true + requireScrolling: true + guestChangePasswordSettings: + allowChangePasswdAtFirstLogin: true + guestDeviceRegistrationSettings: + allowGuestsToRegisterDevices: true + autoRegisterGuestDevices: true + loginPageSettings: + accessCode: string + allowAlternateGuestPortal: true + allowForgotPassword: true + allowGuestToChangePassword: true + allowGuestToCreateAccounts: true + allowGuestToUseSocialAccounts: true + allowShowGuestForm: true + alternateGuestPortal: string + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAccessCode: true + requireAupAcceptance: true + socialConfigs: + - socialMediaType: string + socialMediaValue: string + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + assignedGuestTypeForEmployee: string + authenticationMethod: string + certificateGroupTag: string + displayLang: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + selfRegPageSettings: + accountValidityDuration: 0 + accountValidityTimeUnits: string + allowGraceAccess: true + approvalEmailAddresses: string + approveDenyLinksTimeUnits: string + approveDenyLinksValidFor: 0 + assignGuestsToGuestType: string + aupDisplay: string + authenticateSponsorsUsingPortalList: true + autoLoginSelfWait: true + autoLoginTimePeriod: 0 + credentialNotificationUsingEmail: true + credentialNotificationUsingSms: true + enableGuestEmailBlacklist: true + enableGuestEmailWhitelist: true + fieldCompany: + include: true + require: true + fieldEmailAddr: + include: true + require: true + fieldFirstName: + include: true + require: true + fieldLastName: + include: true + require: true + fieldLocation: + include: true + require: true + fieldPersonBeingVisited: + include: true + require: true + fieldPhoneNo: + include: true + require: true + fieldReasonForVisit: + include: true + require: true + fieldSmsProvider: + include: true + require: true + fieldUserName: + include: true + require: true + graceAccessExpireInterval: 0 + graceAccessSendAccountExpiration: true + guestEmailBlacklistDomains: + - string + guestEmailWhitelistDomains: + - string + includeAup: true + postRegistrationRedirect: string + postRegistrationRedirectUrl: string + registrationCode: string + requireApproverToAuthenticate: true + requireAupAcceptance: true + requireGuestApproval: true + requireRegistrationCode: true + selectableLocations: + - string + selectableSmsProviders: + - string + sendApprovalRequestTo: string + sponsorPortalList: + - string + selfRegSuccessSettings: + allowGuestLoginFromSelfregSuccessPage: true + allowGuestSendSelfUsingEmail: true + allowGuestSendSelfUsingPrint: true + allowGuestSendSelfUsingSms: true + aupOnPage: true + includeAup: true + includeCompany: true + includeEmailAddr: true + includeFirstName: true + includeLastName: true + includeLocation: true + includePassword: true + includePersonBeingVisited: true + includePhoneNo: true + includeReasonForVisit: true + includeSmsProvider: true + includeUserName: true + requireAupAcceptance: true + requireAupScrolling: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +- name: Delete by id + cisco.ise.self_registered_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.self_registered_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireAupScrolling: true + requireScrolling: true + skipAupForEmployees: true + useDiffAupForEmployees: true + authSuccessSettings: + redirectUrl: string + successRedirect: string + byodSettings: + byodRegistrationSettings: + endPointIdentityGroupId: string + showDeviceID: true + byodRegistrationSuccessSettings: + redirectUrl: string + successRedirect: string + byodWelcomeSettings: + aupDisplay: string + enableBYOD: true + enableGuestAccess: true + includeAup: true + requireAupAcceptance: true + requireMDM: true + requireScrolling: true + guestChangePasswordSettings: + allowChangePasswdAtFirstLogin: true + guestDeviceRegistrationSettings: + allowGuestsToRegisterDevices: true + autoRegisterGuestDevices: true + loginPageSettings: + accessCode: string + allowAlternateGuestPortal: true + allowForgotPassword: true + allowGuestToChangePassword: true + allowGuestToCreateAccounts: true + allowGuestToUseSocialAccounts: true + allowShowGuestForm: true + alternateGuestPortal: string + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAccessCode: true + requireAupAcceptance: true + socialConfigs: + - socialMediaType: string + socialMediaValue: string + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + assignedGuestTypeForEmployee: string + authenticationMethod: string + certificateGroupTag: string + displayLang: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + selfRegPageSettings: + accountValidityDuration: 0 + accountValidityTimeUnits: string + allowGraceAccess: true + approvalEmailAddresses: string + approveDenyLinksTimeUnits: string + approveDenyLinksValidFor: 0 + assignGuestsToGuestType: string + aupDisplay: string + authenticateSponsorsUsingPortalList: true + autoLoginSelfWait: true + autoLoginTimePeriod: 0 + credentialNotificationUsingEmail: true + credentialNotificationUsingSms: true + enableGuestEmailBlacklist: true + enableGuestEmailWhitelist: true + fieldCompany: + include: true + require: true + fieldEmailAddr: + include: true + require: true + fieldFirstName: + include: true + require: true + fieldLastName: + include: true + require: true + fieldLocation: + include: true + require: true + fieldPersonBeingVisited: + include: true + require: true + fieldPhoneNo: + include: true + require: true + fieldReasonForVisit: + include: true + require: true + fieldSmsProvider: + include: true + require: true + fieldUserName: + include: true + require: true + graceAccessExpireInterval: 0 + graceAccessSendAccountExpiration: true + guestEmailBlacklistDomains: + - string + guestEmailWhitelistDomains: + - string + includeAup: true + postRegistrationRedirect: string + postRegistrationRedirectUrl: string + registrationCode: string + requireApproverToAuthenticate: true + requireAupAcceptance: true + requireGuestApproval: true + requireRegistrationCode: true + selectableLocations: + - string + selectableSmsProviders: + - string + sendApprovalRequestTo: string + sponsorPortalList: + - string + selfRegSuccessSettings: + allowGuestLoginFromSelfregSuccessPage: true + allowGuestSendSelfUsingEmail: true + allowGuestSendSelfUsingPrint: true + allowGuestSendSelfUsingSms: true + aupOnPage: true + includeAup: true + includeCompany: true + includeEmailAddr: true + includeFirstName: true + includeLastName: true + includeLocation: true + includePassword: true + includePersonBeingVisited: true + includePhoneNo: true + includeReasonForVisit: true + includeSmsProvider: true + includeUserName: true + requireAupAcceptance: true + requireAupScrolling: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "authenticationMethod": "string", + "assignedGuestTypeForEmployee": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "requireAccessCode": true, + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "accessCode": "string", + "allowGuestToCreateAccounts": true, + "allowForgotPassword": true, + "allowGuestToChangePassword": true, + "allowAlternateGuestPortal": true, + "alternateGuestPortal": "string", + "allowGuestToUseSocialAccounts": true, + "allowShowGuestForm": true, + "socialConfigs": [ + { + "socialMediaType": "string", + "socialMediaValue": "string" + } + ] + }, + "selfRegPageSettings": { + "assignGuestsToGuestType": "string", + "accountValidityDuration": 0, + "accountValidityTimeUnits": "string", + "requireRegistrationCode": true, + "registrationCode": "string", + "fieldUserName": { + "include": true, + "require": true + }, + "fieldFirstName": { + "include": true, + "require": true + }, + "fieldLastName": { + "include": true, + "require": true + }, + "fieldEmailAddr": { + "include": true, + "require": true + }, + "fieldPhoneNo": { + "include": true, + "require": true + }, + "fieldCompany": { + "include": true, + "require": true + }, + "fieldLocation": { + "include": true, + "require": true + }, + "selectableLocations": [ + "string" + ], + "fieldSmsProvider": { + "include": true, + "require": true + }, + "selectableSmsProviders": [ + "string" + ], + "fieldPersonBeingVisited": { + "include": true, + "require": true + }, + "fieldReasonForVisit": { + "include": true, + "require": true + }, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "enableGuestEmailWhitelist": true, + "guestEmailWhitelistDomains": [ + "string" + ], + "enableGuestEmailBlacklist": true, + "guestEmailBlacklistDomains": [ + "string" + ], + "requireGuestApproval": true, + "autoLoginSelfWait": true, + "autoLoginTimePeriod": 0, + "allowGraceAccess": true, + "graceAccessExpireInterval": 0, + "graceAccessSendAccountExpiration": true, + "sendApprovalRequestTo": "string", + "approvalEmailAddresses": "string", + "postRegistrationRedirect": "string", + "postRegistrationRedirectUrl": "string", + "credentialNotificationUsingEmail": true, + "credentialNotificationUsingSms": true, + "approveDenyLinksValidFor": 0, + "approveDenyLinksTimeUnits": "string", + "requireApproverToAuthenticate": true, + "authenticateSponsorsUsingPortalList": true, + "sponsorPortalList": [ + "string" + ] + }, + "selfRegSuccessSettings": { + "includeUserName": true, + "includePassword": true, + "includeFirstName": true, + "includeLastName": true, + "includeEmailAddr": true, + "includePhoneNo": true, + "includeCompany": true, + "includeLocation": true, + "includeSmsProvider": true, + "includePersonBeingVisited": true, + "includeReasonForVisit": true, + "allowGuestSendSelfUsingPrint": true, + "allowGuestSendSelfUsingEmail": true, + "allowGuestSendSelfUsingSms": true, + "includeAup": true, + "aupOnPage": true, + "requireAupAcceptance": true, + "requireAupScrolling": true, + "allowGuestLoginFromSelfregSuccessPage": true + }, + "aupSettings": { + "includeAup": true, + "useDiffAupForEmployees": true, + "skipAupForEmployees": true, + "requireScrolling": true, + "requireAupScrolling": true, + "displayFrequency": "string", + "displayFrequencyIntervalDays": 0 + }, + "guestChangePasswordSettings": { + "allowChangePasswdAtFirstLogin": true + }, + "guestDeviceRegistrationSettings": { + "autoRegisterGuestDevices": true, + "allowGuestsToRegisterDevices": true + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/self_registered_portal_info.py b/ansible_collections/cisco/ise/plugins/modules/self_registered_portal_info.py new file mode 100644 index 00000000..42d00979 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/self_registered_portal_info.py @@ -0,0 +1,623 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: self_registered_portal_info +short_description: Information module for Self Registered Portal +description: +- Get all Self Registered Portal. +- Get Self Registered Portal by id. +- This API allows the client to get a self registered portal by ID. +- This API allows the client to get all the self registered portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SelfRegisteredPortal + description: Complete reference of the SelfRegisteredPortal API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!selfregportal +notes: + - SDK Method used are + self_registered_portal.SelfRegisteredPortal.get_self_registered_portal_by_id, + self_registered_portal.SelfRegisteredPortal.get_self_registered_portals_generator, + + - Paths used are + get /ers/config/selfregportal, + get /ers/config/selfregportal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Self Registered Portal + cisco.ise.self_registered_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Self Registered Portal by id + cisco.ise.self_registered_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "authenticationMethod": "string", + "assignedGuestTypeForEmployee": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "requireAccessCode": true, + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "accessCode": "string", + "allowGuestToCreateAccounts": true, + "allowForgotPassword": true, + "allowGuestToChangePassword": true, + "allowAlternateGuestPortal": true, + "alternateGuestPortal": "string", + "allowGuestToUseSocialAccounts": true, + "allowShowGuestForm": true, + "socialConfigs": [ + { + "socialMediaType": "string", + "socialMediaValue": "string" + } + ] + }, + "selfRegPageSettings": { + "assignGuestsToGuestType": "string", + "accountValidityDuration": 0, + "accountValidityTimeUnits": "string", + "requireRegistrationCode": true, + "registrationCode": "string", + "fieldUserName": { + "include": true, + "require": true + }, + "fieldFirstName": { + "include": true, + "require": true + }, + "fieldLastName": { + "include": true, + "require": true + }, + "fieldEmailAddr": { + "include": true, + "require": true + }, + "fieldPhoneNo": { + "include": true, + "require": true + }, + "fieldCompany": { + "include": true, + "require": true + }, + "fieldLocation": { + "include": true, + "require": true + }, + "selectableLocations": [ + "string" + ], + "fieldSmsProvider": { + "include": true, + "require": true + }, + "selectableSmsProviders": [ + "string" + ], + "fieldPersonBeingVisited": { + "include": true, + "require": true + }, + "fieldReasonForVisit": { + "include": true, + "require": true + }, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "enableGuestEmailWhitelist": true, + "guestEmailWhitelistDomains": [ + "string" + ], + "enableGuestEmailBlacklist": true, + "guestEmailBlacklistDomains": [ + "string" + ], + "requireGuestApproval": true, + "autoLoginSelfWait": true, + "autoLoginTimePeriod": 0, + "allowGraceAccess": true, + "graceAccessExpireInterval": 0, + "graceAccessSendAccountExpiration": true, + "sendApprovalRequestTo": "string", + "approvalEmailAddresses": "string", + "postRegistrationRedirect": "string", + "postRegistrationRedirectUrl": "string", + "credentialNotificationUsingEmail": true, + "credentialNotificationUsingSms": true, + "approveDenyLinksValidFor": 0, + "approveDenyLinksTimeUnits": "string", + "requireApproverToAuthenticate": true, + "authenticateSponsorsUsingPortalList": true, + "sponsorPortalList": [ + "string" + ] + }, + "selfRegSuccessSettings": { + "includeUserName": true, + "includePassword": true, + "includeFirstName": true, + "includeLastName": true, + "includeEmailAddr": true, + "includePhoneNo": true, + "includeCompany": true, + "includeLocation": true, + "includeSmsProvider": true, + "includePersonBeingVisited": true, + "includeReasonForVisit": true, + "allowGuestSendSelfUsingPrint": true, + "allowGuestSendSelfUsingEmail": true, + "allowGuestSendSelfUsingSms": true, + "includeAup": true, + "aupOnPage": true, + "requireAupAcceptance": true, + "requireAupScrolling": true, + "allowGuestLoginFromSelfregSuccessPage": true + }, + "aupSettings": { + "includeAup": true, + "useDiffAupForEmployees": true, + "skipAupForEmployees": true, + "requireScrolling": true, + "requireAupScrolling": true, + "displayFrequency": "string", + "displayFrequencyIntervalDays": 0 + }, + "guestChangePasswordSettings": { + "allowChangePasswdAtFirstLogin": true + }, + "guestDeviceRegistrationSettings": { + "autoRegisterGuestDevices": true, + "allowGuestsToRegisterDevices": true + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "authenticationMethod": "string", + "assignedGuestTypeForEmployee": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "requireAccessCode": true, + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "accessCode": "string", + "allowGuestToCreateAccounts": true, + "allowForgotPassword": true, + "allowGuestToChangePassword": true, + "allowAlternateGuestPortal": true, + "alternateGuestPortal": "string", + "allowGuestToUseSocialAccounts": true, + "allowShowGuestForm": true, + "socialConfigs": [ + { + "socialMediaType": "string", + "socialMediaValue": "string" + } + ] + }, + "selfRegPageSettings": { + "assignGuestsToGuestType": "string", + "accountValidityDuration": 0, + "accountValidityTimeUnits": "string", + "requireRegistrationCode": true, + "registrationCode": "string", + "fieldUserName": { + "include": true, + "require": true + }, + "fieldFirstName": { + "include": true, + "require": true + }, + "fieldLastName": { + "include": true, + "require": true + }, + "fieldEmailAddr": { + "include": true, + "require": true + }, + "fieldPhoneNo": { + "include": true, + "require": true + }, + "fieldCompany": { + "include": true, + "require": true + }, + "fieldLocation": { + "include": true, + "require": true + }, + "selectableLocations": [ + "string" + ], + "fieldSmsProvider": { + "include": true, + "require": true + }, + "selectableSmsProviders": [ + "string" + ], + "fieldPersonBeingVisited": { + "include": true, + "require": true + }, + "fieldReasonForVisit": { + "include": true, + "require": true + }, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "enableGuestEmailWhitelist": true, + "guestEmailWhitelistDomains": [ + "string" + ], + "enableGuestEmailBlacklist": true, + "guestEmailBlacklistDomains": [ + "string" + ], + "requireGuestApproval": true, + "autoLoginSelfWait": true, + "autoLoginTimePeriod": 0, + "allowGraceAccess": true, + "graceAccessExpireInterval": 0, + "graceAccessSendAccountExpiration": true, + "sendApprovalRequestTo": "string", + "approvalEmailAddresses": "string", + "postRegistrationRedirect": "string", + "postRegistrationRedirectUrl": "string", + "credentialNotificationUsingEmail": true, + "credentialNotificationUsingSms": true, + "approveDenyLinksValidFor": 0, + "approveDenyLinksTimeUnits": "string", + "requireApproverToAuthenticate": true, + "authenticateSponsorsUsingPortalList": true, + "sponsorPortalList": [ + "string" + ] + }, + "selfRegSuccessSettings": { + "includeUserName": true, + "includePassword": true, + "includeFirstName": true, + "includeLastName": true, + "includeEmailAddr": true, + "includePhoneNo": true, + "includeCompany": true, + "includeLocation": true, + "includeSmsProvider": true, + "includePersonBeingVisited": true, + "includeReasonForVisit": true, + "allowGuestSendSelfUsingPrint": true, + "allowGuestSendSelfUsingEmail": true, + "allowGuestSendSelfUsingSms": true, + "includeAup": true, + "aupOnPage": true, + "requireAupAcceptance": true, + "requireAupScrolling": true, + "allowGuestLoginFromSelfregSuccessPage": true + }, + "aupSettings": { + "includeAup": true, + "useDiffAupForEmployees": true, + "skipAupForEmployees": true, + "requireScrolling": true, + "requireAupScrolling": true, + "displayFrequency": "string", + "displayFrequencyIntervalDays": 0 + }, + "guestChangePasswordSettings": { + "allowChangePasswdAtFirstLogin": true + }, + "guestDeviceRegistrationSettings": { + "autoRegisterGuestDevices": true, + "allowGuestsToRegisterDevices": true + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/selfsigned_certificate_generate.py b/ansible_collections/cisco/ise/plugins/modules/selfsigned_certificate_generate.py new file mode 100644 index 00000000..eecd7b54 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/selfsigned_certificate_generate.py @@ -0,0 +1,196 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: selfsigned_certificate_generate +short_description: Resource module for Selfsigned Certificate Generate +description: +- Manage operation create of the resource Selfsigned Certificate Generate. +- Generate Self-signed Certificate. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + admin: + description: Use certificate to authenticate the Cisco ISE Admin Portal. + type: bool + allowExtendedValidity: + description: Allow generation of self-signed certificate with validity greater than + 398 days. + type: bool + allowPortalTagTransferForSameSubject: + description: Allow overwriting the portal tag from matching certificate of same + subject. + type: bool + allowReplacementOfCertificates: + description: Allow Replacement of certificates. + type: bool + allowReplacementOfPortalGroupTag: + description: Allow Replacement of Portal Group Tag. + type: bool + allowRoleTransferForSameSubject: + description: Allow transfer of roles for certificate with matching subject. + type: bool + allowSanDnsBadName: + description: Allow usage of SAN DNS Bad name. + type: bool + allowSanDnsNonResolvable: + description: Allow use of non resolvable Common Name or SAN Values. + type: bool + allowWildCardCertificates: + description: Allow Wildcard Certificates. + type: bool + certificatePolicies: + description: Certificate Policies. + type: str + digestType: + description: Digest to sign with. + type: str + eap: + description: Use certificate for EAP protocols that use SSL/TLS tunneling. + type: bool + expirationTTL: + description: Certificate expiration value. + type: int + expirationTTLUnit: + description: Certificate expiration unit. + type: str + hostName: + description: Hostname of the Cisco ISE node in which self-signed certificate should + be generated. + type: str + keyLength: + description: Bit size of public key. + type: str + keyType: + description: Algorithm to use for certificate public key creation. + type: str + name: + description: Friendly name of the certificate. + type: str + portal: + description: Use for portal. + type: bool + portalGroupTag: + description: Set Group tag. + type: str + pxgrid: + description: Use certificate for the pxGrid Controller. + type: bool + radius: + description: Use certificate for the RADSec server. + type: bool + saml: + description: Use certificate for SAML Signing. + type: bool + sanDNS: + description: Array of SAN (Subject Alternative Name) DNS entries. + elements: str + type: list + sanIP: + description: Array of SAN IP entries. + elements: str + type: list + sanURI: + description: Array of SAN URI entries. + elements: str + type: list + subjectCity: + description: Certificate city or locality (L). + type: str + subjectCommonName: + description: Certificate common name (CN). + type: str + subjectCountry: + description: Certificate country (C). + type: str + subjectOrg: + description: Certificate organization (O). + type: str + subjectOrgUnit: + description: Certificate organizational unit (OU). + type: str + subjectState: + description: Certificate state (ST). + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.generate_self_signed_certificate, + + - Paths used are + post /api/v1/certs/system-certificate/generate-selfsigned-certificate, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.selfsigned_certificate_generate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + admin: true + allowExtendedValidity: true + allowPortalTagTransferForSameSubject: true + allowReplacementOfCertificates: true + allowReplacementOfPortalGroupTag: true + allowRoleTransferForSameSubject: true + allowSanDnsBadName: true + allowSanDnsNonResolvable: true + allowWildCardCertificates: true + certificatePolicies: string + digestType: string + eap: true + expirationTTL: 0 + expirationTTLUnit: string + hostName: string + keyLength: string + keyType: string + name: string + portal: true + portalGroupTag: string + pxgrid: true + radius: true + saml: true + sanDNS: + - string + sanIP: + - string + sanURI: + - string + subjectCity: string + subjectCommonName: string + subjectCountry: string + subjectOrg: string + subjectOrgUnit: string + subjectState: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string", + "status": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/session_service_node_info.py b/ansible_collections/cisco/ise/plugins/modules/session_service_node_info.py new file mode 100644 index 00000000..59be20e3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/session_service_node_info.py @@ -0,0 +1,130 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: session_service_node_info +short_description: Information module for Session Service Node +description: +- Get all Session Service Node. +- Get Session Service Node by id. +- Get Session Service Node by name. +- This API allows the client to get a PSN node details by ID. +- This API allows the client to get a PSN node details by name. +- This API allows the client to get all the PSN node details. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for PsnNodeDetailsWithRadiusService + description: Complete reference of the PsnNodeDetailsWithRadiusService API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sessionservicenode +notes: + - SDK Method used are + psn_node_details_with_radius_service.PsnNodeDetailsWithRadiusService.get_session_service_node_by_id, + psn_node_details_with_radius_service.PsnNodeDetailsWithRadiusService.get_session_service_node_by_name, + psn_node_details_with_radius_service.PsnNodeDetailsWithRadiusService.get_session_service_node_generator, + + - Paths used are + get /ers/config/sessionservicenode, + get /ers/config/sessionservicenode/name/{name}, + get /ers/config/sessionservicenode/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Session Service Node + cisco.ise.session_service_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Session Service Node by id + cisco.ise.session_service_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get Session Service Node by name + cisco.ise.session_service_node_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "ipAddress": "string", + "gateWay": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "ipAddress": "string", + "gateWay": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_acl.py b/ansible_collections/cisco/ise/plugins/modules/sg_acl.py new file mode 100644 index 00000000..ba6fd695 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_acl.py @@ -0,0 +1,150 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_acl +short_description: Resource module for SGACL +description: +- Manage operations create, update and delete of the resource SGACL. +- This API creates a security group ACL. +- This API deletes a security group ACL. +- This API allows the client to update a security group ACL. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + aclcontent: + description: SGACL's aclcontent. + type: str + description: + description: SGACL's description. + type: str + generationId: + description: SGACL's generationId. + type: str + id: + description: SGACL's id. + type: str + ipVersion: + description: Allowed values - IPV4, - IPV6, - IP_AGNOSTIC. + type: str + isReadOnly: + description: IsReadOnly flag. + type: bool + modelledContent: + description: Modelled content of contract. + type: dict + name: + description: SGACL's name. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupsACLs + description: Complete reference of the SecurityGroupsACLs API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgacl +notes: + - SDK Method used are + security_groups_acls.SecurityGroupsAcls.create_security_groups_acl, + security_groups_acls.SecurityGroupsAcls.delete_security_groups_acl_by_id, + security_groups_acls.SecurityGroupsAcls.update_security_groups_acl_by_id, + + - Paths used are + post /ers/config/sgacl, + delete /ers/config/sgacl/{id}, + put /ers/config/sgacl/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sg_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + aclcontent: string + description: string + generationId: string + id: string + ipVersion: string + isReadOnly: true + modelledContent: {} + name: string + +- name: Delete by id + cisco.ise.sg_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sg_acl: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + aclcontent: string + description: string + generationId: string + ipVersion: string + isReadOnly: true + modelledContent: {} + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "generationId": "string", + "aclcontent": "string", + "isReadOnly": true, + "modelledContent": {}, + "ipVersion": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_monitor_status_info.py new file mode 100644 index 00000000..d23f90b5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_monitor_status_info.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_acl_bulk_monitor_status_info +short_description: Information module for SGACL Bulk Monitor Status +description: +- Get SGACL Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupsACLs + description: Complete reference of the SecurityGroupsACLs API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgacl +notes: + - SDK Method used are + security_groups_acls.SecurityGroupsAcls.monitor_bulk_status_security_groups_acl, + + - Paths used are + get /ers/config/sgacl/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SGACL Bulk Monitor Status by id + cisco.ise.sg_acl_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_request.py new file mode 100644 index 00000000..7ffae318 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_acl_bulk_request.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_acl_bulk_request +short_description: Resource module for SGACL Bulk Request +description: +- Manage operation update of the resource SGACL Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SGACL Bulk Request's operationType. + type: str + resourceMediaType: + description: SGACL Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupsACLs + description: Complete reference of the SecurityGroupsACLs API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgacl +notes: + - SDK Method used are + security_groups_acls.SecurityGroupsAcls.bulk_request_for_security_groups_acl, + + - Paths used are + put /ers/config/sgacl/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_acl_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_acl_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_acl_info.py new file mode 100644 index 00000000..3ea64a8b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_acl_info.py @@ -0,0 +1,157 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_acl_info +short_description: Information module for SGACL +description: +- Get all SGACL. +- Get SGACL by id. +- This API allows the client to get a security group ACL by ID. +- This API allows the client to get all the security group ACLs. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupsACLs + description: Complete reference of the SecurityGroupsACLs API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgacl +notes: + - SDK Method used are + security_groups_acls.SecurityGroupsAcls.get_security_groups_acl_by_id, + security_groups_acls.SecurityGroupsAcls.get_security_groups_acl_generator, + + - Paths used are + get /ers/config/sgacl, + get /ers/config/sgacl/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SGACL + cisco.ise.sg_acl_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get SGACL by id + cisco.ise.sg_acl_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "generationId": "string", + "aclcontent": "string", + "isReadOnly": true, + "modelledContent": {}, + "ipVersion": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "generationId": "string", + "aclcontent": "string", + "isReadOnly": true, + "modelledContent": {}, + "ipVersion": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping.py new file mode 100644 index 00000000..8bd08e3a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping.py @@ -0,0 +1,151 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping +short_description: Resource module for SG Mapping +description: +- Manage operations create, update and delete of the resource SG Mapping. +- This API creates an IP to SGT mapping. +- This API deletes an IP to SGT mapping. +- This API allows the client to update an IP to SGT mapping by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + deployTo: + description: Mandatory unless mappingGroup is set or unless deployType=ALL. + type: str + deployType: + description: Allowed values - ALL, - ND, - NDG. + type: str + hostIp: + description: Mandatory if hostName is empty -- valid IP. + type: str + hostName: + description: Mandatory if hostIp is empty. + type: str + id: + description: SG Mapping's id. + type: str + mappingGroup: + description: Mapping Group Id. Mandatory unless sgt and deployTo and deployType + are set. + type: str + name: + description: SG Mapping's name. + type: str + sgt: + description: Mandatory unless mappingGroup is set. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.create_ip_to_sgt_mapping, + ip_to_sgt_mapping.IpToSgtMapping.delete_ip_to_sgt_mapping_by_id, + ip_to_sgt_mapping.IpToSgtMapping.update_ip_to_sgt_mapping_by_id, + + - Paths used are + post /ers/config/sgmapping, + delete /ers/config/sgmapping/{id}, + put /ers/config/sgmapping/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sg_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + deployTo: string + deployType: string + hostIp: string + hostName: string + id: string + mappingGroup: string + name: string + sgt: string + +- name: Delete by id + cisco.ise.sg_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sg_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + deployTo: string + deployType: string + hostIp: string + hostName: string + mappingGroup: string + name: string + sgt: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "sgt": "string", + "deployTo": "string", + "deployType": "string", + "hostName": "string", + "hostIp": "string", + "mappingGroup": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_monitor_status_info.py new file mode 100644 index 00000000..6814106a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_monitor_status_info.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_bulk_monitor_status_info +short_description: Information module for SG Mapping Bulk Monitor Status +description: +- Get SG Mapping Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.monitor_bulk_status_ip_to_sgt_mapping, + + - Paths used are + get /ers/config/sgmapping/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SG Mapping Bulk Monitor Status by id + cisco.ise.sg_mapping_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_request.py new file mode 100644 index 00000000..aa8d7f73 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_bulk_request.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_bulk_request +short_description: Resource module for SG Mapping Bulk Request +description: +- Manage operation update of the resource SG Mapping Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SG Mapping Bulk Request's operationType. + type: str + resourceMediaType: + description: SG Mapping Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.bulk_request_for_ip_to_sgt_mapping, + + - Paths used are + put /ers/config/sgmapping/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_mapping_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy.py new file mode 100644 index 00000000..d40159d1 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_deploy +short_description: Resource module for SG Mapping Deploy +description: +- Manage operation update of the resource SG Mapping Deploy. +- This API allows the client to deploy an IP to SGT mapping by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.deploy_ip_to_sgt_mapping_by_id, + + - Paths used are + put /ers/config/sgmapping/{id}/deploy, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_mapping_deploy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_all.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_all.py new file mode 100644 index 00000000..20686b4c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_all.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_deploy_all +short_description: Resource module for SG Mapping Deploy All +description: +- Manage operation update of the resource SG Mapping Deploy All. +- This API allows the client to deploy all the IP to SGT mappings. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.deploy_all_ip_to_sgt_mapping, + + - Paths used are + put /ers/config/sgmapping/deployall, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_mapping_deploy_all: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_status_info.py new file mode 100644 index 00000000..605873b8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_deploy_status_info.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_deploy_status_info +short_description: Information module for SG Mapping Deploy Status +description: +- Get all SG Mapping Deploy Status. +- This API allows the client to get the IP to SGT mapping deployment status. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.get_deploy_status_ip_to_sgt_mapping, + + - Paths used are + put /ers/config/sgmapping/deploy/status, + +""" + +EXAMPLES = r""" +- name: Get all SG Mapping Deploy Status + cisco.ise.sg_mapping_deploy_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "resultValue": [ + { + "value": "string", + "name": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group.py new file mode 100644 index 00000000..2f20a796 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group.py @@ -0,0 +1,131 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group +short_description: Resource module for SG Mapping Group +description: +- Manage operations create, update and delete of the resource SG Mapping Group. +- This API creates an IP to SGT mapping group. +- This API deletes an IP to SGT mapping group. +- This API allows the client to update an IP to SGT mapping group by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + deployTo: + description: Mandatory unless mappingGroup is set or unless deployType=ALL. + type: str + deployType: + description: Allowed values - ALL, - ND, - NDG. + type: str + id: + description: Id path parameter. + type: str + name: + description: SG Mapping Group's name. + type: str + sgt: + description: Mandatory unless mappingGroup is set. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.create_ip_to_sgt_mapping_group, + ip_to_sgt_mapping_group.IpToSgtMappingGroup.delete_ip_to_sgt_mapping_group_by_id, + ip_to_sgt_mapping_group.IpToSgtMappingGroup.update_ip_to_sgt_mapping_group_by_id, + + - Paths used are + post /ers/config/sgmappinggroup, + delete /ers/config/sgmappinggroup/{id}, + put /ers/config/sgmappinggroup/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sg_mapping_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + deployTo: string + deployType: string + id: string + name: string + sgt: string + +- name: Delete by id + cisco.ise.sg_mapping_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sg_mapping_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + deployTo: string + deployType: string + name: string + sgt: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "name": "string", + "sgt": "string", + "deployTo": "string", + "deployType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_monitor_status_info.py new file mode 100644 index 00000000..856788bf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_monitor_status_info.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group_bulk_monitor_status_info +short_description: Information module for SG Mapping Group Bulk Monitor Status +description: +- Get SG Mapping Group Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.monitor_bulk_status_ip_to_sgt_mapping_group, + + - Paths used are + get /ers/config/sgmappinggroup/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SG Mapping Group Bulk Monitor Status by id + cisco.ise.sg_mapping_group_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_request.py new file mode 100644 index 00000000..f8f97da7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_bulk_request.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group_bulk_request +short_description: Resource module for SG Mapping Group Bulk Request +description: +- Manage operation update of the resource SG Mapping Group Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SG Mapping Group Bulk Request's operationType. + type: str + resourceMediaType: + description: SG Mapping Group Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.bulk_request_for_ip_to_sgt_mapping_group, + + - Paths used are + put /ers/config/sgmappinggroup/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_mapping_group_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy.py new file mode 100644 index 00000000..2b35f9ba --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group_deploy +short_description: Resource module for SG Mapping Group Deploy +description: +- Manage operation update of the resource SG Mapping Group Deploy. +- This API allows the client to deploy an IP to SGT mapping group by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.deploy_ip_to_sgt_mapping_group_by_id, + + - Paths used are + put /ers/config/sgmappinggroup/{id}/deploy, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_mapping_group_deploy: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_all.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_all.py new file mode 100644 index 00000000..666c65d7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_all.py @@ -0,0 +1,52 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group_deploy_all +short_description: Resource module for SG Mapping Group Deploy All +description: +- Manage operation update of the resource SG Mapping Group Deploy All. +- This API allows the client to deploy all the IP to SGT mapping groups. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.deploy_all_ip_to_sgt_mapping_group, + + - Paths used are + put /ers/config/sgmappinggroup/deployall, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_mapping_group_deploy_all: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_status_info.py new file mode 100644 index 00000000..3f3cf6ad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_deploy_status_info.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group_deploy_status_info +short_description: Information module for SG Mapping Group Deploy Status +description: +- Get all SG Mapping Group Deploy Status. +- This API allows the client to get the IP to SGT mapping group deployment. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.get_deploy_status_ip_to_sgt_mapping_group, + + - Paths used are + put /ers/config/sgmappinggroup/deploy/status, + +""" + +EXAMPLES = r""" +- name: Get all SG Mapping Group Deploy Status + cisco.ise.sg_mapping_group_deploy_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "resultValue": [ + { + "value": "string", + "name": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_info.py new file mode 100644 index 00000000..725b00d8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_group_info.py @@ -0,0 +1,149 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_group_info +short_description: Information module for SG Mapping Group +description: +- Get all SG Mapping Group. +- Get SG Mapping Group by id. +- This API allows the client to get all the IP to SGT mapping groups. +- This API allows the client to get an IP to SGT mapping group by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMappingGroup + description: Complete reference of the IPToSGTMappingGroup API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmappinggroup +notes: + - SDK Method used are + ip_to_sgt_mapping_group.IpToSgtMappingGroup.get_ip_to_sgt_mapping_group_by_id, + ip_to_sgt_mapping_group.IpToSgtMappingGroup.get_ip_to_sgt_mapping_group_generator, + + - Paths used are + get /ers/config/sgmappinggroup, + get /ers/config/sgmappinggroup/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SG Mapping Group + cisco.ise.sg_mapping_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get SG Mapping Group by id + cisco.ise.sg_mapping_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "name": "string", + "sgt": "string", + "deployTo": "string", + "deployType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "name": "string", + "sgt": "string", + "deployTo": "string", + "deployType": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_mapping_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_info.py new file mode 100644 index 00000000..3ebb64ac --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_mapping_info.py @@ -0,0 +1,157 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_mapping_info +short_description: Information module for SG Mapping +description: +- Get all SG Mapping. +- Get SG Mapping by id. +- This API allows the client to get all the IP to SGT mappings. +- This API allows the client to get an IP to SGT mapping by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for IPToSGTMapping + description: Complete reference of the IPToSGTMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgmapping +notes: + - SDK Method used are + ip_to_sgt_mapping.IpToSgtMapping.get_ip_to_sgt_mapping_by_id, + ip_to_sgt_mapping.IpToSgtMapping.get_ip_to_sgt_mapping_generator, + + - Paths used are + get /ers/config/sgmapping, + get /ers/config/sgmapping/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SG Mapping + cisco.ise.sg_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get SG Mapping by id + cisco.ise.sg_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "sgt": "string", + "deployTo": "string", + "deployType": "string", + "hostName": "string", + "hostIp": "string", + "mappingGroup": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "sgt": "string", + "deployTo": "string", + "deployType": "string", + "hostName": "string", + "hostIp": "string", + "mappingGroup": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan.py b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan.py new file mode 100644 index 00000000..4fb8805f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan.py @@ -0,0 +1,209 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_to_vn_to_vlan +short_description: Resource module for SG To VN To VLAN +description: +- Manage operations create, update and delete of the resource SG To VN To VLAN. +- This API creates a security group to virtual network. +- This API deletes a security group ACL to virtual network. +- This API allows the client to update a security group to virtual network. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: SG To VN To VLAN's description. + type: str + id: + description: SG To VN To VLAN's id. + type: str + name: + description: SG To VN To VLAN's name. + type: str + sgtId: + description: SG To VN To VLAN's sgtId. + type: str + virtualnetworklist: + description: SG To VN To VLAN's virtualnetworklist. + elements: dict + suboptions: + defaultVirtualNetwork: + description: DefaultVirtualNetwork flag. + type: bool + description: + description: SG To VN To VLAN's description. + type: str + id: + description: SG To VN To VLAN's id. + type: str + name: + description: SG To VN To VLAN's name. + type: str + vlans: + description: SG To VN To VLAN's vlans. + elements: dict + suboptions: + data: + description: Data flag. + type: bool + defaultVLAN: + description: DefaultVLAN flag. + type: bool + description: + description: SG To VN To VLAN's description. + type: str + id: + description: SG To VN To VLAN's id. + type: str + maxValue: + description: SG To VN To VLAN's maxValue. + type: int + name: + description: SG To VN To VLAN's name. + type: str + type: list + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupToVirtualNetwork + description: Complete reference of the SecurityGroupToVirtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgtvnvlan +notes: + - SDK Method used are + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.create_security_groups_to_vn_to_vlan, + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.delete_security_groups_to_vn_to_vlan_by_id, + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.update_security_groups_to_vn_to_vlan_by_id, + + - Paths used are + post /ers/config/sgtvnvlan, + delete /ers/config/sgtvnvlan/{id}, + put /ers/config/sgtvnvlan/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sg_to_vn_to_vlan: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + sgtId: string + virtualnetworklist: + - defaultVirtualNetwork: true + description: string + id: string + name: string + vlans: + - data: true + defaultVlan: true + description: string + id: string + maxValue: 0 + name: string + +- name: Delete by id + cisco.ise.sg_to_vn_to_vlan: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sg_to_vn_to_vlan: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + sgtId: string + virtualnetworklist: + - defaultVirtualNetwork: true + description: string + id: string + name: string + vlans: + - data: true + defaultVlan: true + description: string + id: string + maxValue: 0 + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "sgtId": "string", + "virtualnetworklist": [ + { + "id": "string", + "name": "string", + "description": "string", + "defaultVirtualNetwork": true, + "vlans": [ + { + "id": "string", + "name": "string", + "description": "string", + "defaultVlan": true, + "maxValue": 0, + "data": true + } + ] + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_monitor_status_info.py new file mode 100644 index 00000000..b97da0a7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_monitor_status_info.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_to_vn_to_vlan_bulk_monitor_status_info +short_description: Information module for SG To VN To VLAN Bulk Monitor Status +description: +- Get SG To VN To VLAN Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupToVirtualNetwork + description: Complete reference of the SecurityGroupToVirtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgtvnvlan +notes: + - SDK Method used are + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.monitor_bulk_status_security_groups_to_vn_to_vlan, + + - Paths used are + get /ers/config/sgtvnvlan/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SG To VN To VLAN Bulk Monitor Status by id + cisco.ise.sg_to_vn_to_vlan_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_request.py new file mode 100644 index 00000000..958cf405 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_bulk_request.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_to_vn_to_vlan_bulk_request +short_description: Resource module for SG To VN To VLAN Bulk Request +description: +- Manage operation update of the resource SG To VN To VLAN Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SG To VN To VLAN Bulk Request's operationType. + type: str + resourceMediaType: + description: SG To VN To VLAN Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupToVirtualNetwork + description: Complete reference of the SecurityGroupToVirtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgtvnvlan +notes: + - SDK Method used are + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.bulk_request_for_security_groups_to_vn_to_vlan, + + - Paths used are + put /ers/config/sgtvnvlan/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sg_to_vn_to_vlan_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_info.py b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_info.py new file mode 100644 index 00000000..18394741 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sg_to_vn_to_vlan_info.py @@ -0,0 +1,175 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sg_to_vn_to_vlan_info +short_description: Information module for SG To VN To VLAN +description: +- Get all SG To VN To VLAN. +- Get SG To VN To VLAN by id. +- This API allows the client to get a security group to virtual network by ID. +- This API allows the client to get all the security group ACL to virtual. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroupToVirtualNetwork + description: Complete reference of the SecurityGroupToVirtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgtvnvlan +notes: + - SDK Method used are + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.get_security_groups_to_vn_to_vlan_by_id, + security_group_to_virtual_network.SecurityGroupToVirtualNetwork.get_security_groups_to_vn_to_vlan_generator, + + - Paths used are + get /ers/config/sgtvnvlan, + get /ers/config/sgtvnvlan/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SG To VN To VLAN + cisco.ise.sg_to_vn_to_vlan_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + filter: [] + filterType: AND + register: result + +- name: Get SG To VN To VLAN by id + cisco.ise.sg_to_vn_to_vlan_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "sgtId": "string", + "virtualnetworklist": [ + { + "id": "string", + "name": "string", + "description": "string", + "defaultVirtualNetwork": true, + "vlans": [ + { + "id": "string", + "name": "string", + "description": "string", + "defaultVlan": true, + "maxValue": 0, + "data": true + } + ] + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "sgtId": "string", + "virtualnetworklist": [ + { + "id": "string", + "name": "string", + "description": "string", + "defaultVirtualNetwork": true, + "vlans": [ + { + "id": "string", + "name": "string", + "description": "string", + "defaultVlan": true, + "maxValue": 0, + "data": true + } + ] + } + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sgt.py b/ansible_collections/cisco/ise/plugins/modules/sgt.py new file mode 100644 index 00000000..c7d7e013 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sgt.py @@ -0,0 +1,157 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sgt +short_description: Resource module for SGt +description: +- Manage operations create, update and delete of the resource SGt. +- This API creates a security group. +- This API deletes a security group. +- This API allows the client to update a security group. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + defaultSGACLs: + description: SGt's defaultSGACLs. + elements: dict + type: list + description: + description: SGt's description. + type: str + generationId: + description: SGt's generationId. + type: str + id: + description: SGt's id. + type: str + isReadOnly: + description: IsReadOnly flag. + type: bool + name: + description: SGt's name. + type: str + required: true + propogateToApic: + description: PropogateToApic flag. + type: bool + value: + description: Value range 2 ot 65519 or -1 to auto-generate. + type: int + required: true +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroups + description: Complete reference of the SecurityGroups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgt +notes: + - SDK Method used are + security_groups.SecurityGroups.create_security_group, + security_groups.SecurityGroups.delete_security_group_by_id, + security_groups.SecurityGroups.update_security_group_by_id, + + - Paths used are + post /ers/config/sgt, + delete /ers/config/sgt/{id}, + put /ers/config/sgt/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sgt: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + defaultSGACLs: + - {} + description: string + generationId: string + id: string + isReadOnly: true + name: string + propogateToApic: true + value: 0 + +- name: Delete by id + cisco.ise.sgt: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sgt: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + defaultSGACLs: + - {} + description: string + generationId: string + isReadOnly: true + name: string + propogateToApic: true + value: 0 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "value": 0, + "generationId": "string", + "isReadOnly": true, + "propogateToApic": true, + "defaultSGACLs": [ + {} + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sgt_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sgt_bulk_monitor_status_info.py new file mode 100644 index 00000000..f8776d48 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sgt_bulk_monitor_status_info.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sgt_bulk_monitor_status_info +short_description: Information module for SGt Bulk Monitor Status +description: +- Get SGt Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroups + description: Complete reference of the SecurityGroups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgt +notes: + - SDK Method used are + security_groups.SecurityGroups.monitor_bulk_status_security_group, + + - Paths used are + get /ers/config/sgt/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SGt Bulk Monitor Status by id + cisco.ise.sgt_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sgt_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sgt_bulk_request.py new file mode 100644 index 00000000..c295c10b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sgt_bulk_request.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sgt_bulk_request +short_description: Resource module for SGt Bulk Request +description: +- Manage operation update of the resource SGt Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SGt Bulk Request's operationType. + type: str + resourceMediaType: + description: SGt Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroups + description: Complete reference of the SecurityGroups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgt +notes: + - SDK Method used are + security_groups.SecurityGroups.bulk_request_for_security_group, + + - Paths used are + put /ers/config/sgt/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sgt_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sgt_info.py b/ansible_collections/cisco/ise/plugins/modules/sgt_info.py new file mode 100644 index 00000000..0e483e94 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sgt_info.py @@ -0,0 +1,161 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sgt_info +short_description: Information module for SGt +description: +- Get all SGt. +- Get SGt by id. +- This API allows the client to get a security group by ID. +- This API allows the client to get all the security groups. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SecurityGroups + description: Complete reference of the SecurityGroups API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!sgt +notes: + - SDK Method used are + security_groups.SecurityGroups.get_security_group_by_id, + security_groups.SecurityGroups.get_security_groups_generator, + + - Paths used are + get /ers/config/sgt, + get /ers/config/sgt/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SGt + cisco.ise.sgt_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get SGt by id + cisco.ise.sgt_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "value": 0, + "generationId": "string", + "isReadOnly": true, + "propogateToApic": true, + "defaultSGACLs": [ + {} + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "value": 0, + "generationId": "string", + "isReadOnly": true, + "propogateToApic": true, + "defaultSGACLs": [ + {} + ], + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sms_provider_info.py b/ansible_collections/cisco/ise/plugins/modules/sms_provider_info.py new file mode 100644 index 00000000..6b6beed7 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sms_provider_info.py @@ -0,0 +1,127 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sms_provider_info +short_description: Information module for SMS Provider +description: +- Get all SMS Provider. +- This API allows the client to get all the SMS providers. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sms_provider.SmsProvider.get_sms_provider_generator, + + - Paths used are + get /ers/config/smsprovider, + +""" + +EXAMPLES = r""" +- name: Get all SMS Provider + cisco.ise.sms_provider_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsor_group.py b/ansible_collections/cisco/ise/plugins/modules/sponsor_group.py new file mode 100644 index 00000000..e684f937 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsor_group.py @@ -0,0 +1,309 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsor_group +short_description: Resource module for Sponsor Group +description: +- Manage operations create, update and delete of the resource Sponsor Group. +- This API creates a sponsor group. +- This API deletes a sponsor group by ID. +- This API allows the client to update a sponsor group by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + autoNotification: + description: AutoNotification flag. + type: bool + createPermissions: + description: Sponsor Group's createPermissions. + suboptions: + canCreateRandomAccounts: + description: CanCreateRandomAccounts flag. + type: bool + canImportMultipleAccounts: + description: CanImportMultipleAccounts flag. + type: bool + canSetFutureStartDate: + description: CanSetFutureStartDate flag. + type: bool + canSpecifyUsernamePrefix: + description: CanSpecifyUsernamePrefix flag. + type: bool + defaultUsernamePrefix: + description: Sponsor Group's defaultUsernamePrefix. + type: str + importBatchSizeLimit: + description: Sponsor Group's importBatchSizeLimit. + type: int + randomBatchSizeLimit: + description: Sponsor Group's randomBatchSizeLimit. + type: int + startDateFutureLimitDays: + description: Sponsor Group's startDateFutureLimitDays. + type: int + type: dict + description: + description: Sponsor Group's description. + type: str + guestTypes: + description: Sponsor Group's guestTypes. + elements: str + type: list + id: + description: Sponsor Group's id. + type: str + isDefaultGroup: + description: IsDefaultGroup flag. + type: bool + isEnabled: + description: IsEnabled flag. + type: bool + locations: + description: Sponsor Group's locations. + elements: str + type: list + managePermission: + description: Sponsor Group's managePermission. + type: str + memberGroups: + description: Sponsor Group's memberGroups. + elements: str + type: list + name: + description: Sponsor Group's name. + type: str + otherPermissions: + description: Sponsor Group's otherPermissions. + suboptions: + canAccessViaREST: + description: CanAccessViaREST flag. + type: bool + canApproveSelfregGuests: + description: CanApproveSelfregGuests flag. + type: bool + canDeleteGuestAccounts: + description: CanDeleteGuestAccounts flag. + type: bool + canExtendGuestAccounts: + description: CanExtendGuestAccounts flag. + type: bool + canReinstateSuspendedAccounts: + description: CanReinstateSuspendedAccounts flag. + type: bool + canResetGuestPasswords: + description: CanResetGuestPasswords flag. + type: bool + canSendSMSNotifications: + description: CanSendSMSNotifications flag. + type: bool + canSuspendGuestAccounts: + description: CanSuspendGuestAccounts flag. + type: bool + canUpdateGuestContactInfo: + description: CanUpdateGuestContactInfo flag. + type: bool + canViewGuestPasswords: + description: CanViewGuestPasswords flag. + type: bool + limitApprovalToSponsorsGuests: + description: LimitApprovalToSponsorsGuests flag. + type: bool + requireSuspensionReason: + description: RequireSuspensionReason flag. + type: bool + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsor_group.SponsorGroup.create_sponsor_group, + sponsor_group.SponsorGroup.delete_sponsor_group_by_id, + sponsor_group.SponsorGroup.update_sponsor_group_by_id, + + - Paths used are + post /ers/config/sponsorgroup, + delete /ers/config/sponsorgroup/{id}, + put /ers/config/sponsorgroup/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sponsor_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + autoNotification: true + createPermissions: + canCreateRandomAccounts: true + canImportMultipleAccounts: true + canSetFutureStartDate: true + canSpecifyUsernamePrefix: true + defaultUsernamePrefix: string + importBatchSizeLimit: 0 + randomBatchSizeLimit: 0 + startDateFutureLimitDays: 0 + description: string + guestTypes: + - string + id: string + isDefaultGroup: true + isEnabled: true + locations: + - string + managePermission: string + memberGroups: + - string + name: string + otherPermissions: + canAccessViaRest: true + canApproveSelfregGuests: true + canDeleteGuestAccounts: true + canExtendGuestAccounts: true + canReinstateSuspendedAccounts: true + canResetGuestPasswords: true + canSendSmsNotifications: true + canSuspendGuestAccounts: true + canUpdateGuestContactInfo: true + canViewGuestPasswords: true + limitApprovalToSponsorsGuests: true + requireSuspensionReason: true + +- name: Delete by id + cisco.ise.sponsor_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sponsor_group: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + autoNotification: true + createPermissions: + canCreateRandomAccounts: true + canImportMultipleAccounts: true + canSetFutureStartDate: true + canSpecifyUsernamePrefix: true + defaultUsernamePrefix: string + importBatchSizeLimit: 0 + randomBatchSizeLimit: 0 + startDateFutureLimitDays: 0 + description: string + guestTypes: + - string + isDefaultGroup: true + isEnabled: true + locations: + - string + managePermission: string + memberGroups: + - string + name: string + otherPermissions: + canAccessViaRest: true + canApproveSelfregGuests: true + canDeleteGuestAccounts: true + canExtendGuestAccounts: true + canReinstateSuspendedAccounts: true + canResetGuestPasswords: true + canSendSmsNotifications: true + canSuspendGuestAccounts: true + canUpdateGuestContactInfo: true + canViewGuestPasswords: true + limitApprovalToSponsorsGuests: true + requireSuspensionReason: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "isEnabled": true, + "isDefaultGroup": true, + "memberGroups": [ + "string" + ], + "guestTypes": [ + "string" + ], + "locations": [ + "string" + ], + "autoNotification": true, + "createPermissions": { + "canImportMultipleAccounts": true, + "importBatchSizeLimit": 0, + "canCreateRandomAccounts": true, + "randomBatchSizeLimit": 0, + "defaultUsernamePrefix": "string", + "canSpecifyUsernamePrefix": true, + "canSetFutureStartDate": true, + "startDateFutureLimitDays": 0 + }, + "managePermission": "string", + "otherPermissions": { + "canUpdateGuestContactInfo": true, + "canViewGuestPasswords": true, + "canSendSmsNotifications": true, + "canResetGuestPasswords": true, + "canExtendGuestAccounts": true, + "canDeleteGuestAccounts": true, + "canSuspendGuestAccounts": true, + "requireSuspensionReason": true, + "canReinstateSuspendedAccounts": true, + "canApproveSelfregGuests": true, + "limitApprovalToSponsorsGuests": true, + "canAccessViaRest": true + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsor_group_info.py b/ansible_collections/cisco/ise/plugins/modules/sponsor_group_info.py new file mode 100644 index 00000000..b6892c6f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsor_group_info.py @@ -0,0 +1,217 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsor_group_info +short_description: Information module for Sponsor Group +description: +- Get all Sponsor Group. +- Get Sponsor Group by id. +- This API allows the client to get a sponsor group by ID. +- This API allows the client to get all the sponsor groups. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsor_group.SponsorGroup.get_sponsor_group_by_id, + sponsor_group.SponsorGroup.get_sponsor_group_generator, + + - Paths used are + get /ers/config/sponsorgroup, + get /ers/config/sponsorgroup/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Sponsor Group + cisco.ise.sponsor_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Sponsor Group by id + cisco.ise.sponsor_group_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "isEnabled": true, + "isDefaultGroup": true, + "memberGroups": [ + "string" + ], + "guestTypes": [ + "string" + ], + "locations": [ + "string" + ], + "autoNotification": true, + "createPermissions": { + "canImportMultipleAccounts": true, + "importBatchSizeLimit": 0, + "canCreateRandomAccounts": true, + "randomBatchSizeLimit": 0, + "defaultUsernamePrefix": "string", + "canSpecifyUsernamePrefix": true, + "canSetFutureStartDate": true, + "startDateFutureLimitDays": 0 + }, + "managePermission": "string", + "otherPermissions": { + "canUpdateGuestContactInfo": true, + "canViewGuestPasswords": true, + "canSendSmsNotifications": true, + "canResetGuestPasswords": true, + "canExtendGuestAccounts": true, + "canDeleteGuestAccounts": true, + "canSuspendGuestAccounts": true, + "requireSuspensionReason": true, + "canReinstateSuspendedAccounts": true, + "canApproveSelfregGuests": true, + "limitApprovalToSponsorsGuests": true, + "canAccessViaRest": true + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "isEnabled": true, + "isDefaultGroup": true, + "memberGroups": [ + "string" + ], + "guestTypes": [ + "string" + ], + "locations": [ + "string" + ], + "autoNotification": true, + "createPermissions": { + "canImportMultipleAccounts": true, + "importBatchSizeLimit": 0, + "canCreateRandomAccounts": true, + "randomBatchSizeLimit": 0, + "defaultUsernamePrefix": "string", + "canSpecifyUsernamePrefix": true, + "canSetFutureStartDate": true, + "startDateFutureLimitDays": 0 + }, + "managePermission": "string", + "otherPermissions": { + "canUpdateGuestContactInfo": true, + "canViewGuestPasswords": true, + "canSendSmsNotifications": true, + "canResetGuestPasswords": true, + "canExtendGuestAccounts": true, + "canDeleteGuestAccounts": true, + "canSuspendGuestAccounts": true, + "requireSuspensionReason": true, + "canReinstateSuspendedAccounts": true, + "canApproveSelfregGuests": true, + "limitApprovalToSponsorsGuests": true, + "canAccessViaRest": true + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsor_group_member_info.py b/ansible_collections/cisco/ise/plugins/modules/sponsor_group_member_info.py new file mode 100644 index 00000000..c49c76f4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsor_group_member_info.py @@ -0,0 +1,127 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsor_group_member_info +short_description: Information module for Sponsor Group Member +description: +- Get all Sponsor Group Member. +- This API allows the client to get all the sponsor group members. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsor_group_member.SponsorGroupMember.get_sponsor_group_member_generator, + + - Paths used are + get /ers/config/sponsorgroupmember, + +""" + +EXAMPLES = r""" +- name: Get all Sponsor Group Member + cisco.ise.sponsor_group_member_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsor_portal.py b/ansible_collections/cisco/ise/plugins/modules/sponsor_portal.py new file mode 100644 index 00000000..22b53b5f --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsor_portal.py @@ -0,0 +1,609 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsor_portal +short_description: Resource module for Sponsor Portal +description: +- Manage operations create, update and delete of the resource Sponsor Portal. +- This API creates a sponsor portal. +- This API deletes a sponsor portal by ID. +- This API allows the client to update a sponsor portal by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customizations: + description: Sponsor Portal's customizations. + suboptions: + globalCustomizations: + description: Sponsor Portal's globalCustomizations. + suboptions: + backgroundImage: + description: Sponsor Portal's backgroundImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerImage: + description: Sponsor Portal's bannerImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerTitle: + description: Sponsor Portal's bannerTitle. + type: str + contactText: + description: Sponsor Portal's contactText. + type: str + desktopLogoImage: + description: Sponsor Portal's desktopLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + footerElement: + description: Sponsor Portal's footerElement. + type: str + mobileLogoImage: + description: Sponsor Portal's mobileLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + type: dict + language: + description: This property is supported only for Read operation and it allows + to show the customizations in English. Other languages are not supported. + suboptions: + viewLanguage: + description: Sponsor Portal's viewLanguage. + type: str + type: dict + pageCustomizations: + description: Sponsor Portal's pageCustomizations. + suboptions: + data: + description: The Dictionary will be exposed here as key value pair. + elements: dict + suboptions: + key: + description: Sponsor Portal's key. + type: str + value: + description: Sponsor Portal's value. + type: str + type: list + type: dict + portalTheme: + description: Sponsor Portal's portalTheme. + suboptions: + id: + description: Sponsor Portal's id. + type: str + name: + description: The system- or user-assigned name of the portal theme. + type: str + themeData: + description: A CSS file, represented as a Base64-encoded byte array. + type: str + type: dict + portalTweakSettings: + description: The Tweak Settings are a customization of the Portal Theme that + has been selected for the portal. When the Portal Theme selection is changed, + the Tweak Settings are overwritten to match the values in the theme. The Tweak + Settings can subsequently be changed by the user. + suboptions: + bannerColor: + description: Hex value of color. + type: str + bannerTextColor: + description: Sponsor Portal's bannerTextColor. + type: str + pageBackgroundColor: + description: Sponsor Portal's pageBackgroundColor. + type: str + pageLabelAndTextColor: + description: Sponsor Portal's pageLabelAndTextColor. + type: str + type: dict + type: dict + description: + description: Sponsor Portal's description. + type: str + id: + description: Sponsor Portal's id. + type: str + name: + description: Sponsor Portal's name. + type: str + portalTestUrl: + description: URL to bring up a test page for this portal. + type: str + portalType: + description: Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, + - SPONSOR, - SPONSOREDGUEST. + type: str + settings: + description: Defines all of the settings groups available for a portal. + suboptions: + aupSettings: + description: Sponsor Portal's aupSettings. + suboptions: + displayFrequency: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed Values - FIRSTLOGIN, - EVERYLOGIN, + - RECURRING. + type: str + displayFrequencyIntervalDays: + description: Number of days between AUP confirmations (when displayFrequency + = recurring). + type: int + includeAup: + description: IncludeAup flag. + type: bool + requireScrolling: + description: RequireScrolling flag. + type: bool + type: dict + loginPageSettings: + description: Portal Login Page settings groups follow. + suboptions: + aupDisplay: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. + type: str + includeAup: + description: Include an Acceptable Use Policy (AUP) that should be displayed + during login. + type: bool + maxFailedAttemptsBeforeRateLimit: + description: Maximum failed login attempts before rate limiting. + type: int + requireAupAcceptance: + description: Require the portal user to accept the AUP. Only valid if includeAup + = true. + type: bool + requireAupScrolling: + description: RequireAupScrolling flag. + type: bool + socialConfigs: + description: Sponsor Portal's socialConfigs. + elements: dict + type: list + timeBetweenLoginsDuringRateLimit: + description: Time between login attempts when rate limiting. + type: int + type: dict + portalSettings: + description: The port, interface, certificate, and other basic settings of a + portal. + suboptions: + allowedInterfaces: + description: Interfaces that the portal will be reachable on. Allowed values + - eth0, - eth1, - eth2, - eth3, - eth4, - eth5, - bond0, - bond1, - bond2. + elements: str + type: list + authenticationMethod: + description: Unique Id of the identity source sequence. + type: str + availableSSIDs: + description: Names of the SSIDs available for assignment to guest users + by sponsors. + elements: str + type: list + certificateGroupTag: + description: Logical name of the x.509 server certificate that will be used + for the portal. + type: str + displayLang: + description: Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. + type: str + fallbackLanguage: + description: Used when displayLang = USEBROWSERLOCALE. + type: str + fqdn: + description: The fully-qualified domain name (FQDN) that end-users will + use to access this portal. Used only in Sponsor portal. + type: str + httpsPort: + description: The port number that the allowed interfaces will listen on. + Range from 8000 to 8999. + type: int + idleTimeout: + description: Sponsor Portal's idleTimeout. + type: int + type: dict + postAccessBannerSettings: + description: Sponsor Portal's postAccessBannerSettings. + suboptions: + includePostAccessBanner: + description: IncludePostAccessBanner flag. + type: bool + type: dict + postLoginBannerSettings: + description: Sponsor Portal's postLoginBannerSettings. + suboptions: + includePostAccessBanner: + description: Include a Post-Login Banner page. + type: bool + type: dict + sponsorChangePasswordSettings: + description: Sponsor Portal's sponsorChangePasswordSettings. + suboptions: + allowSponsorToChangePwd: + description: Allow sponsors to change their own passwords. + type: bool + type: dict + supportInfoSettings: + description: Sponsor Portal's supportInfoSettings. + suboptions: + defaultEmptyFieldValue: + description: The default value displayed for an empty field. Only valid + when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. + type: str + emptyFieldDisplay: + description: Specifies how empty fields are handled on the Support Information + Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. + type: str + includeBrowserUserAgent: + description: IncludeBrowserUserAgent flag. + type: bool + includeFailureCode: + description: IncludeFailureCode flag. + type: bool + includeIpAddress: + description: IncludeIpAddress flag. + type: bool + includeMacAddr: + description: IncludeMacAddr flag. + type: bool + includePolicyServer: + description: IncludePolicyServer flag. + type: bool + includeSupportInfoPage: + description: IncludeSupportInfoPage flag. + type: bool + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsor_portal.SponsorPortal.create_sponsor_portal, + sponsor_portal.SponsorPortal.delete_sponsor_portal_by_id, + sponsor_portal.SponsorPortal.update_sponsor_portal_by_id, + + - Paths used are + post /ers/config/sponsorportal, + delete /ers/config/sponsorportal/{id}, + put /ers/config/sponsorportal/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sponsor_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireScrolling: true + loginPageSettings: + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAupAcceptance: true + requireAupScrolling: true + socialConfigs: + - {} + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + authenticationMethod: string + availableSsids: + - string + certificateGroupTag: string + displayLang: string + fallbackLanguage: string + fqdn: string + httpsPort: 0 + idleTimeout: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + sponsorChangePasswordSettings: + allowSponsorToChangePwd: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +- name: Delete by id + cisco.ise.sponsor_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sponsor_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireScrolling: true + loginPageSettings: + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAupAcceptance: true + requireAupScrolling: true + socialConfigs: + - {} + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + authenticationMethod: string + availableSsids: + - string + certificateGroupTag: string + displayLang: string + fallbackLanguage: string + fqdn: string + httpsPort: 0 + idleTimeout: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + sponsorChangePasswordSettings: + allowSponsorToChangePwd: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "fqdn": "string", + "authenticationMethod": "string", + "idleTimeout": 0, + "displayLang": "string", + "fallbackLanguage": "string", + "availableSsids": [ + "string" + ] + }, + "loginPageSettings": { + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireAupScrolling": true, + "socialConfigs": [ + {} + ] + }, + "aupSettings": { + "includeAup": true, + "requireScrolling": true, + "displayFrequency": "string", + "displayFrequencyIntervalDays": 0 + }, + "sponsorChangePasswordSettings": { + "allowSponsorToChangePwd": true + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsor_portal_info.py b/ansible_collections/cisco/ise/plugins/modules/sponsor_portal_info.py new file mode 100644 index 00000000..8fafce1d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsor_portal_info.py @@ -0,0 +1,335 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsor_portal_info +short_description: Information module for Sponsor Portal +description: +- Get all Sponsor Portal. +- Get Sponsor Portal by id. +- This API allows the client to get a sponsor portal by ID. +- This API allows the client to get all the sponsor portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsor_portal.SponsorPortal.get_sponsor_portal_by_id, + sponsor_portal.SponsorPortal.get_sponsor_portal_generator, + + - Paths used are + get /ers/config/sponsorportal, + get /ers/config/sponsorportal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Sponsor Portal + cisco.ise.sponsor_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Sponsor Portal by id + cisco.ise.sponsor_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "fqdn": "string", + "authenticationMethod": "string", + "idleTimeout": 0, + "displayLang": "string", + "fallbackLanguage": "string", + "availableSsids": [ + "string" + ] + }, + "loginPageSettings": { + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireAupScrolling": true, + "socialConfigs": [ + {} + ] + }, + "aupSettings": { + "includeAup": true, + "requireScrolling": true, + "displayFrequency": "string", + "displayFrequencyIntervalDays": 0 + }, + "sponsorChangePasswordSettings": { + "allowSponsorToChangePwd": true + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "fqdn": "string", + "authenticationMethod": "string", + "idleTimeout": 0, + "displayLang": "string", + "fallbackLanguage": "string", + "availableSsids": [ + "string" + ] + }, + "loginPageSettings": { + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireAupScrolling": true, + "socialConfigs": [ + {} + ] + }, + "aupSettings": { + "includeAup": true, + "requireScrolling": true, + "displayFrequency": "string", + "displayFrequencyIntervalDays": 0 + }, + "sponsorChangePasswordSettings": { + "allowSponsorToChangePwd": true + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal.py b/ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal.py new file mode 100644 index 00000000..85f38644 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal.py @@ -0,0 +1,804 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsored_guest_portal +short_description: Resource module for Sponsored Guest Portal +description: +- Manage operations create, update and delete of the resource Sponsored Guest Portal. +- This API creates a sponsored guest portal. +- This API deletes a sponsored guest portal by ID. +- This API allows the client to update a sponsored guest portal by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + customizations: + description: Defines all of the Portal Customizations available. + suboptions: + globalCustomizations: + description: Sponsored Guest Portal's globalCustomizations. + suboptions: + backgroundImage: + description: Sponsored Guest Portal's backgroundImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerImage: + description: Sponsored Guest Portal's bannerImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + bannerTitle: + description: Sponsored Guest Portal's bannerTitle. + type: str + contactText: + description: Sponsored Guest Portal's contactText. + type: str + desktopLogoImage: + description: Sponsored Guest Portal's desktopLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + footerElement: + description: Sponsored Guest Portal's footerElement. + type: str + mobileLogoImage: + description: Sponsored Guest Portal's mobileLogoImage. + suboptions: + data: + description: Represented as base 64 encoded string of the image byte + array. + type: str + type: dict + type: dict + language: + description: This property is supported only for Read operation and it allows + to show the customizations in English. Other languages are not supported. + suboptions: + viewLanguage: + description: Sponsored Guest Portal's viewLanguage. + type: str + type: dict + pageCustomizations: + description: Represent the entire page customization as a giant dictionary. + suboptions: + data: + description: The Dictionary will be exposed here as key value pair. + elements: dict + suboptions: + key: + description: Sponsored Guest Portal's key. + type: str + value: + description: Sponsored Guest Portal's value. + type: str + type: list + type: dict + portalTheme: + description: Sponsored Guest Portal's portalTheme. + suboptions: + id: + description: Sponsored Guest Portal's id. + type: str + name: + description: The system- or user-assigned name of the portal theme. + type: str + themeData: + description: A CSS file, represented as a Base64-encoded byte array. + type: str + type: dict + portalTweakSettings: + description: The Tweak Settings are a customization of the Portal Theme that + has been selected for the portal. When the Portal Theme selection is changed, + the Tweak Settings are overwritten to match the values in the theme. The Tweak + Settings can subsequently be changed by the user. + suboptions: + bannerColor: + description: Hex value of color. + type: str + bannerTextColor: + description: Sponsored Guest Portal's bannerTextColor. + type: str + pageBackgroundColor: + description: Sponsored Guest Portal's pageBackgroundColor. + type: str + pageLabelAndTextColor: + description: Sponsored Guest Portal's pageLabelAndTextColor. + type: str + type: dict + type: dict + description: + description: Sponsored Guest Portal's description. + type: str + id: + description: Sponsored Guest Portal's id. + type: str + name: + description: Sponsored Guest Portal's name. + type: str + portalTestUrl: + description: URL to bring up a test page for this portal. + type: str + portalType: + description: Allowed values - BYOD, - HOTSPOTGUEST, - MYDEVICE, - SELFREGGUEST, + - SPONSOR, - SPONSOREDGUEST. + type: str + settings: + description: Defines all of the settings groups available for a portal. + suboptions: + aupSettings: + description: Sponsored Guest Portal's aupSettings. + suboptions: + displayFrequency: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed Values - FIRSTLOGIN, - EVERYLOGIN, + - RECURRING. + type: str + displayFrequencyIntervalDays: + description: Number of days between AUP confirmations (when displayFrequency + = recurring). + type: int + includeAup: + description: IncludeAup flag. + type: bool + requireAupScrolling: + description: Require the portal user to scroll to the end of the AUP. Only + valid if requireAupAcceptance = true. + type: bool + requireScrolling: + description: RequireScrolling flag. + type: bool + skipAupForEmployees: + description: Only valid if requireAupAcceptance = true. + type: bool + useDiffAupForEmployees: + description: Only valid if requireAupAcceptance = true. + type: bool + type: dict + authSuccessSettings: + description: Sponsored Guest Portal's authSuccessSettings. + suboptions: + redirectUrl: + description: Target URL for redirection, used when successRedirect = URL. + type: str + successRedirect: + description: After an Authentication Success where should device be redirected. + Allowed values - AUTHSUCCESSPAGE, - ORIGINATINGURL, - URL. + type: str + type: dict + byodSettings: + description: Sponsored Guest Portal's byodSettings. + suboptions: + byodRegistrationSettings: + description: Configuration of BYOD endpoint Registration step configuration. + suboptions: + endPointIdentityGroupId: + description: Identity group id for which endpoint belongs. + type: str + showDeviceID: + description: Display Device ID field during registration. + type: bool + type: dict + byodRegistrationSuccessSettings: + description: Sponsored Guest Portal's byodRegistrationSuccessSettings. + suboptions: + redirectUrl: + description: Target URL for redirection, used when successRedirect = + URL. + type: str + successRedirect: + description: After an Authentication Success where should device be + redirected. Allowed values - AUTHSUCCESSPAGE, - ORIGINATINGURL, - + URL. + type: str + type: dict + byodWelcomeSettings: + description: Sponsored Guest Portal's byodWelcomeSettings. + suboptions: + aupDisplay: + description: How the AUP should be displayed, either on page or as a + link. Only valid if includeAup = true. Allowed values - ONPAGE, - + ASLINK. + type: str + enableBYOD: + description: EnableBYOD flag. + type: bool + enableGuestAccess: + description: EnableGuestAccess flag. + type: bool + includeAup: + description: IncludeAup flag. + type: bool + requireAupAcceptance: + description: RequireAupAcceptance flag. + type: bool + requireMDM: + description: RequireMDM flag. + type: bool + requireScrolling: + description: Require BYOD devices to scroll down to the bottom of the + AUP. Only valid if includeAup = true. + type: bool + type: dict + type: dict + guestChangePasswordSettings: + description: Sponsored Guest Portal's guestChangePasswordSettings. + suboptions: + allowChangePasswdAtFirstLogin: + description: Allow guest to change their own passwords. + type: bool + type: dict + guestDeviceRegistrationSettings: + description: Sponsored Guest Portal's guestDeviceRegistrationSettings. + suboptions: + allowGuestsToRegisterDevices: + description: Allow guests to register devices. + type: bool + autoRegisterGuestDevices: + description: Automatically register guest devices. + type: bool + type: dict + loginPageSettings: + description: Portal Login Page settings groups follow. + suboptions: + accessCode: + description: Access code that must be entered by the portal user (only valid + if requireAccessCode = true). + type: str + allowAlternateGuestPortal: + description: AllowAlternateGuestPortal flag. + type: bool + allowForgotPassword: + description: AllowForgotPassword flag. + type: bool + allowGuestToChangePassword: + description: Require the portal user to enter an access code. + type: bool + allowGuestToCreateAccounts: + description: AllowGuestToCreateAccounts flag. + type: bool + aupDisplay: + description: How the AUP should be displayed, either on page or as a link. + Only valid if includeAup = true. Allowed values - ONPAGE, - ASLINK. + type: str + includeAup: + description: Include an Acceptable Use Policy (AUP) that should be displayed + during login. + type: bool + maxFailedAttemptsBeforeRateLimit: + description: Maximum failed login attempts before rate limiting. + type: int + requireAccessCode: + description: RequireAccessCode flag. + type: bool + requireAupAcceptance: + description: Require the portal user to accept the AUP. Only valid if includeAup + = true. + type: bool + socialConfigs: + description: Sponsored Guest Portal's socialConfigs. + elements: dict + suboptions: + socialMediaType: + description: Sponsored Guest Portal's socialMediaType. + type: str + socialMediaValue: + description: Sponsored Guest Portal's socialMediaValue. + type: str + type: list + timeBetweenLoginsDuringRateLimit: + description: Time between login attempts when rate limiting. + type: int + type: dict + portalSettings: + description: The port, interface, certificate, and other basic settings of a + portal. + suboptions: + allowedInterfaces: + description: Interfaces that the portal will be reachable on. Allowed values + - eth0, - eth1, - eth2, - eth3, - eth4, - eth5, - bond0, - bond1, - bond2. + elements: str + type: list + alwaysUsedLanguage: + description: Sponsored Guest Portal's alwaysUsedLanguage. + type: str + assignedGuestTypeForEmployee: + description: Unique Id of a guest type. Employees using this portal as a + guest inherit login options from the guest type. + type: str + authenticationMethod: + description: Unique Id of the identity source sequence. + type: str + certificateGroupTag: + description: Logical name of the x.509 server certificate that will be used + for the portal. + type: str + displayLang: + description: Allowed values - USEBROWSERLOCALE, - ALWAYSUSE. + type: str + fallbackLanguage: + description: Used when displayLang = USEBROWSERLOCALE. + type: str + httpsPort: + description: The port number that the allowed interfaces will listen on. + Range from 8000 to 8999. + type: int + type: dict + postAccessBannerSettings: + description: Sponsored Guest Portal's postAccessBannerSettings. + suboptions: + includePostAccessBanner: + description: IncludePostAccessBanner flag. + type: bool + type: dict + postLoginBannerSettings: + description: Sponsored Guest Portal's postLoginBannerSettings. + suboptions: + includePostAccessBanner: + description: Include a Post-Login Banner page. + type: bool + type: dict + supportInfoSettings: + description: Sponsored Guest Portal's supportInfoSettings. + suboptions: + defaultEmptyFieldValue: + description: The default value displayed for an empty field. Only valid + when emptyFieldDisplay = DISPLAYWITHDEFAULTVALUE. + type: str + emptyFieldDisplay: + description: Specifies how empty fields are handled on the Support Information + Page. Allowed values - HIDE, - DISPLAYWITHNOVALUE, - DISPLAYWITHDEFAULTVALUE. + type: str + includeBrowserUserAgent: + description: IncludeBrowserUserAgent flag. + type: bool + includeFailureCode: + description: IncludeFailureCode flag. + type: bool + includeIpAddress: + description: IncludeIpAddress flag. + type: bool + includeMacAddr: + description: IncludeMacAddr flag. + type: bool + includePolicyServer: + description: IncludePolicyServer flag. + type: bool + includeSupportInfoPage: + description: IncludeSupportInfoPage flag. + type: bool + type: dict + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsored_guest_portal.SponsoredGuestPortal.create_sponsored_guest_portal, + sponsored_guest_portal.SponsoredGuestPortal.delete_sponsored_guest_portal_by_id, + sponsored_guest_portal.SponsoredGuestPortal.update_sponsored_guest_portal_by_id, + + - Paths used are + post /ers/config/sponsoredguestportal, + delete /ers/config/sponsoredguestportal/{id}, + put /ers/config/sponsoredguestportal/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sponsored_guest_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + id: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireAupScrolling: true + requireScrolling: true + skipAupForEmployees: true + useDiffAupForEmployees: true + authSuccessSettings: + redirectUrl: string + successRedirect: string + byodSettings: + byodRegistrationSettings: + endPointIdentityGroupId: string + showDeviceID: true + byodRegistrationSuccessSettings: + redirectUrl: string + successRedirect: string + byodWelcomeSettings: + aupDisplay: string + enableBYOD: true + enableGuestAccess: true + includeAup: true + requireAupAcceptance: true + requireMDM: true + requireScrolling: true + guestChangePasswordSettings: + allowChangePasswdAtFirstLogin: true + guestDeviceRegistrationSettings: + allowGuestsToRegisterDevices: true + autoRegisterGuestDevices: true + loginPageSettings: + accessCode: string + allowAlternateGuestPortal: true + allowForgotPassword: true + allowGuestToChangePassword: true + allowGuestToCreateAccounts: true + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAccessCode: true + requireAupAcceptance: true + socialConfigs: + - socialMediaType: string + socialMediaValue: string + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + assignedGuestTypeForEmployee: string + authenticationMethod: string + certificateGroupTag: string + displayLang: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +- name: Delete by id + cisco.ise.sponsored_guest_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sponsored_guest_portal: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + customizations: + globalCustomizations: + backgroundImage: + data: string + bannerImage: + data: string + bannerTitle: string + contactText: string + desktopLogoImage: + data: string + footerElement: string + mobileLogoImage: + data: string + language: + viewLanguage: string + pageCustomizations: + data: + - key: string + value: string + portalTheme: + id: string + name: string + themeData: string + portalTweakSettings: + bannerColor: string + bannerTextColor: string + pageBackgroundColor: string + pageLabelAndTextColor: string + description: string + name: string + portalTestUrl: string + portalType: string + settings: + aupSettings: + displayFrequency: string + displayFrequencyIntervalDays: 0 + includeAup: true + requireAupScrolling: true + requireScrolling: true + skipAupForEmployees: true + useDiffAupForEmployees: true + authSuccessSettings: + redirectUrl: string + successRedirect: string + byodSettings: + byodRegistrationSettings: + endPointIdentityGroupId: string + showDeviceID: true + byodRegistrationSuccessSettings: + redirectUrl: string + successRedirect: string + byodWelcomeSettings: + aupDisplay: string + enableBYOD: true + enableGuestAccess: true + includeAup: true + requireAupAcceptance: true + requireMDM: true + requireScrolling: true + guestChangePasswordSettings: + allowChangePasswdAtFirstLogin: true + guestDeviceRegistrationSettings: + allowGuestsToRegisterDevices: true + autoRegisterGuestDevices: true + loginPageSettings: + accessCode: string + allowAlternateGuestPortal: true + allowForgotPassword: true + allowGuestToChangePassword: true + allowGuestToCreateAccounts: true + aupDisplay: string + includeAup: true + maxFailedAttemptsBeforeRateLimit: 0 + requireAccessCode: true + requireAupAcceptance: true + socialConfigs: + - socialMediaType: string + socialMediaValue: string + timeBetweenLoginsDuringRateLimit: 0 + portalSettings: + allowedInterfaces: + - string + alwaysUsedLanguage: string + assignedGuestTypeForEmployee: string + authenticationMethod: string + certificateGroupTag: string + displayLang: string + fallbackLanguage: string + httpsPort: 0 + postAccessBannerSettings: + includePostAccessBanner: true + postLoginBannerSettings: + includePostAccessBanner: true + supportInfoSettings: + defaultEmptyFieldValue: string + emptyFieldDisplay: string + includeBrowserUserAgent: true + includeFailureCode: true + includeIpAddress: true + includeMacAddr: true + includePolicyServer: true + includeSupportInfoPage: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "authenticationMethod": "string", + "assignedGuestTypeForEmployee": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "requireAccessCode": true, + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "accessCode": "string", + "allowGuestToCreateAccounts": true, + "allowForgotPassword": true, + "allowGuestToChangePassword": true, + "allowAlternateGuestPortal": true, + "socialConfigs": [ + { + "socialMediaType": "string", + "socialMediaValue": "string" + } + ] + }, + "aupSettings": { + "includeAup": true, + "requireAupScrolling": true, + "useDiffAupForEmployees": true, + "skipAupForEmployees": true, + "displayFrequencyIntervalDays": 0, + "requireScrolling": true, + "displayFrequency": "string" + }, + "guestChangePasswordSettings": { + "allowChangePasswdAtFirstLogin": true + }, + "guestDeviceRegistrationSettings": { + "autoRegisterGuestDevices": true, + "allowGuestsToRegisterDevices": true + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal_info.py b/ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal_info.py new file mode 100644 index 00000000..d4e2649a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sponsored_guest_portal_info.py @@ -0,0 +1,405 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sponsored_guest_portal_info +short_description: Information module for Sponsored Guest Portal +description: +- Get all Sponsored Guest Portal. +- Get Sponsored Guest Portal by id. +- This API allows the client to get a sponsored guest portal by ID. +- This API allows the client to get all the sponsored guest portals. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sponsored_guest_portal.SponsoredGuestPortal.get_sponsored_guest_portal_by_id, + sponsored_guest_portal.SponsoredGuestPortal.get_sponsored_guest_portals_generator, + + - Paths used are + get /ers/config/sponsoredguestportal, + get /ers/config/sponsoredguestportal/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Sponsored Guest Portal + cisco.ise.sponsored_guest_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get Sponsored Guest Portal by id + cisco.ise.sponsored_guest_portal_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "authenticationMethod": "string", + "assignedGuestTypeForEmployee": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "requireAccessCode": true, + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "accessCode": "string", + "allowGuestToCreateAccounts": true, + "allowForgotPassword": true, + "allowGuestToChangePassword": true, + "allowAlternateGuestPortal": true, + "socialConfigs": [ + { + "socialMediaType": "string", + "socialMediaValue": "string" + } + ] + }, + "aupSettings": { + "includeAup": true, + "requireAupScrolling": true, + "useDiffAupForEmployees": true, + "skipAupForEmployees": true, + "displayFrequencyIntervalDays": 0, + "requireScrolling": true, + "displayFrequency": "string" + }, + "guestChangePasswordSettings": { + "allowChangePasswdAtFirstLogin": true + }, + "guestDeviceRegistrationSettings": { + "autoRegisterGuestDevices": true, + "allowGuestsToRegisterDevices": true + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "portalType": "string", + "portalTestUrl": "string", + "settings": { + "portalSettings": { + "httpsPort": 0, + "allowedInterfaces": [ + "string" + ], + "certificateGroupTag": "string", + "authenticationMethod": "string", + "assignedGuestTypeForEmployee": "string", + "displayLang": "string", + "fallbackLanguage": "string", + "alwaysUsedLanguage": "string" + }, + "loginPageSettings": { + "requireAccessCode": true, + "maxFailedAttemptsBeforeRateLimit": 0, + "timeBetweenLoginsDuringRateLimit": 0, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "accessCode": "string", + "allowGuestToCreateAccounts": true, + "allowForgotPassword": true, + "allowGuestToChangePassword": true, + "allowAlternateGuestPortal": true, + "socialConfigs": [ + { + "socialMediaType": "string", + "socialMediaValue": "string" + } + ] + }, + "aupSettings": { + "includeAup": true, + "requireAupScrolling": true, + "useDiffAupForEmployees": true, + "skipAupForEmployees": true, + "displayFrequencyIntervalDays": 0, + "requireScrolling": true, + "displayFrequency": "string" + }, + "guestChangePasswordSettings": { + "allowChangePasswdAtFirstLogin": true + }, + "guestDeviceRegistrationSettings": { + "autoRegisterGuestDevices": true, + "allowGuestsToRegisterDevices": true + }, + "byodSettings": { + "byodWelcomeSettings": { + "enableBYOD": true, + "enableGuestAccess": true, + "requireMDM": true, + "includeAup": true, + "aupDisplay": "string", + "requireAupAcceptance": true, + "requireScrolling": true + }, + "byodRegistrationSettings": { + "showDeviceID": true, + "endPointIdentityGroupId": "string" + }, + "byodRegistrationSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + } + }, + "postAccessBannerSettings": { + "includePostAccessBanner": true + }, + "authSuccessSettings": { + "successRedirect": "string", + "redirectUrl": "string" + }, + "postLoginBannerSettings": { + "includePostAccessBanner": true + }, + "supportInfoSettings": { + "includeSupportInfoPage": true, + "includeMacAddr": true, + "includeIpAddress": true, + "includeBrowserUserAgent": true, + "includePolicyServer": true, + "includeFailureCode": true, + "emptyFieldDisplay": "string", + "defaultEmptyFieldValue": "string" + } + }, + "customizations": { + "portalTheme": { + "id": "string", + "name": "string", + "themeData": "string" + }, + "portalTweakSettings": { + "bannerColor": "string", + "bannerTextColor": "string", + "pageBackgroundColor": "string", + "pageLabelAndTextColor": "string" + }, + "language": { + "viewLanguage": "string" + }, + "globalCustomizations": { + "mobileLogoImage": { + "data": "string" + }, + "desktopLogoImage": { + "data": "string" + }, + "bannerImage": { + "data": "string" + }, + "backgroundImage": { + "data": "string" + }, + "bannerTitle": "string", + "contactText": "string", + "footerElement": "string" + }, + "pageCustomizations": { + "data": [ + { + "key": "string", + "value": "string" + } + ] + } + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/support_bundle.py b/ansible_collections/cisco/ise/plugins/modules/support_bundle.py new file mode 100644 index 00000000..81aaf5bf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/support_bundle.py @@ -0,0 +1,105 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: support_bundle +short_description: Resource module for Support Bundle +description: +- Manage operation create of the resource Support Bundle. +- This API allows the client to create a support bundle trigger configuration. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Support Bundle's description. + type: str + hostName: + description: This parameter is hostName only, xxxx of xxxx.yyy.zz. + type: str + name: + description: Resource Name. + type: str + supportBundleIncludeOptions: + description: Support Bundle's supportBundleIncludeOptions. + suboptions: + fromDate: + description: Date from where support bundle should include the logs. + type: str + includeConfigDB: + description: Set to include Config DB in Support Bundle. + type: bool + includeCoreFiles: + description: Set to include Core files in Support Bundle. + type: bool + includeDebugLogs: + description: Set to include Debug logs in Support Bundle. + type: bool + includeLocalLogs: + description: Set to include Local logs in Support Bundle. + type: bool + includeSystemLogs: + description: Set to include System logs in Support Bundle. + type: bool + mntLogs: + description: Set to include Monitoring and troublshooting logs in Support Bundle. + type: bool + policyXml: + description: Set to include Policy XML in Support Bundle. + type: bool + toDate: + description: Date upto where support bundle should include the logs. + type: str + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for SupportBundleTriggerConfiguration + description: Complete reference of the SupportBundleTriggerConfiguration API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!supportbundle +notes: + - SDK Method used are + support_bundle_trigger_configuration.SupportBundleTriggerConfiguration.create_support_bundle, + + - Paths used are + post /ers/config/supportbundle, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.support_bundle: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + description: string + hostName: string + name: string + supportBundleIncludeOptions: + fromDate: string + includeConfigDB: true + includeCoreFiles: true + includeDebugLogs: true + includeLocalLogs: true + includeSystemLogs: true + mntLogs: true + policyXml: true + toDate: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/support_bundle_download.py b/ansible_collections/cisco/ise/plugins/modules/support_bundle_download.py new file mode 100644 index 00000000..c6b8b463 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/support_bundle_download.py @@ -0,0 +1,69 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: support_bundle_download +short_description: Resource module for Support Bundle Download +description: +- Manage operation update of the resource Support Bundle Download. +- This API allows the client to upload a support bundle. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + dirPath: + description: Directory absolute path. Defaults to the current working directory. + type: str + fileName: + description: Support Bundle Download's fileName. + type: str + filename: + description: The filename used to save the download file. + type: str + saveFile: + description: Enable or disable automatic file creation of raw response. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + support_bundle_download.SupportBundleDownload.download_support_bundle, + + - Paths used are + put /ers/config/supportbundledownload, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.support_bundle_download: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + dirPath: /tmp/downloads/ + fileName: string + filename: download_filename.extension + saveFile: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "data": "filecontent", + "filename": "filename", + "dirpath": "download/directory", + "path": "download/directory/filename" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/support_bundle_status_info.py b/ansible_collections/cisco/ise/plugins/modules/support_bundle_status_info.py new file mode 100644 index 00000000..0cdb8aaf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/support_bundle_status_info.py @@ -0,0 +1,117 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: support_bundle_status_info +short_description: Information module for Support Bundle Status +description: +- Get all Support Bundle Status. +- Get Support Bundle Status by id. +- This API allows the client to get a support bundle status by ID. +- This API allows the client to get all the support bundle status. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + support_bundle_status.SupportBundleStatus.get_support_bundle_status_by_id, + support_bundle_status.SupportBundleStatus.get_support_bundle_status_generator, + + - Paths used are + get /ers/config/supportbundlestatus, + get /ers/config/supportbundlestatus/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Support Bundle Status + cisco.ise.support_bundle_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get Support Bundle Status by id + cisco.ise.support_bundle_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "fileName": "string", + "fileSize": 0, + "hostName": "string", + "message": "string", + "startTime": "string", + "status": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "fileName": "string", + "fileSize": 0, + "hostName": "string", + "message": "string", + "startTime": "string", + "status": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_connections.py b/ansible_collections/cisco/ise/plugins/modules/sxp_connections.py new file mode 100644 index 00000000..544a65b8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_connections.py @@ -0,0 +1,152 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_connections +short_description: Resource module for SXP Connections +description: +- Manage operations create, update and delete of the resource SXP Connections. +- This API creates a SXP connection. +- This API deletes a SXP connection. +- This API allows the client to update a SXP connection. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: SXP Connections's description. + type: str + enabled: + description: Enabled flag. + type: bool + id: + description: SXP Connections's id. + type: str + ipAddress: + description: SXP Connections's ipAddress. + type: str + sxpMode: + description: SXP Connections's sxpMode. + type: str + sxpNode: + description: SXP Connections's sxpNode. + type: str + sxpPeer: + description: SXP Connections's sxpPeer. + type: str + sxpVersion: + description: SXP Connections's sxpVersion. + type: str + sxpVpn: + description: SXP Connections's sxpVpn. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_connections.SxpConnections.create_sxp_connections, + sxp_connections.SxpConnections.delete_sxp_connections_by_id, + sxp_connections.SxpConnections.update_sxp_connections_by_id, + + - Paths used are + post /ers/config/sxpconnections, + delete /ers/config/sxpconnections/{id}, + put /ers/config/sxpconnections/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sxp_connections: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + enabled: true + id: string + ipAddress: string + sxpMode: string + sxpNode: string + sxpPeer: string + sxpVersion: string + sxpVpn: string + +- name: Delete by id + cisco.ise.sxp_connections: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sxp_connections: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + enabled: true + ipAddress: string + sxpMode: string + sxpNode: string + sxpPeer: string + sxpVersion: string + sxpVpn: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "description": "string", + "sxpPeer": "string", + "sxpVpn": "string", + "sxpNode": "string", + "ipAddress": "string", + "sxpMode": "string", + "sxpVersion": "string", + "enabled": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_monitor_status_info.py new file mode 100644 index 00000000..bfa5183c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_connections_bulk_monitor_status_info +short_description: Information module for SXP Connections Bulk Monitor Status +description: +- Get SXP Connections Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_connections.SxpConnections.monitor_bulk_status_sxp_connections, + + - Paths used are + get /ers/config/sxpconnections/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SXP Connections Bulk Monitor Status by id + cisco.ise.sxp_connections_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_request.py new file mode 100644 index 00000000..02ca9ce0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_connections_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_connections_bulk_request +short_description: Resource module for SXP Connections Bulk Request +description: +- Manage operation update of the resource SXP Connections Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SXP Connections Bulk Request's operationType. + type: str + resourceMediaType: + description: SXP Connections Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_connections.SxpConnections.bulk_request_for_sxp_connections, + + - Paths used are + put /ers/config/sxpconnections/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sxp_connections_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_connections_info.py b/ansible_collections/cisco/ise/plugins/modules/sxp_connections_info.py new file mode 100644 index 00000000..08a50da5 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_connections_info.py @@ -0,0 +1,155 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_connections_info +short_description: Information module for SXP Connections +description: +- Get all SXP Connections. +- Get SXP Connections by id. +- This API allows the client to get a SXP connection by ID. +- This API allows the client to get all the SXP connections. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_connections.SxpConnections.get_sxp_connections_by_id, + sxp_connections.SxpConnections.get_sxp_connections_generator, + + - Paths used are + get /ers/config/sxpconnections, + get /ers/config/sxpconnections/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SXP Connections + cisco.ise.sxp_connections_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get SXP Connections by id + cisco.ise.sxp_connections_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "description": "string", + "sxpPeer": "string", + "sxpVpn": "string", + "sxpNode": "string", + "ipAddress": "string", + "sxpMode": "string", + "sxpVersion": "string", + "enabled": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "description": "string", + "sxpPeer": "string", + "sxpVpn": "string", + "sxpNode": "string", + "ipAddress": "string", + "sxpMode": "string", + "sxpVersion": "string", + "enabled": true, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings.py b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings.py new file mode 100644 index 00000000..5eff2ab4 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings.py @@ -0,0 +1,143 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_local_bindings +short_description: Resource module for SXP Local Bindings +description: +- Manage operations create, update and delete of the resource SXP Local Bindings. +- This API creates a SXP local binding. +- This API deletes a SXP local binding. +- This API allows the client to update a SXP local binding. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + bindingName: + description: This field is depricated from Cisco ISE 3.0. + type: str + description: + description: SXP Local Bindings's description. + type: str + id: + description: SXP Local Bindings's id. + type: str + ipAddressOrHost: + description: IP address for static mapping (hostname is not supported). + type: str + sgt: + description: SGT name or ID. + type: str + sxpVpn: + description: List of SXP Domains, separated with comma. At least one of sxpVpn or + vns should be defined. + type: str + vns: + description: List of Virtual Networks, separated with comma. At least one of sxpVpn + or vns should be defined. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_local_bindings.SxpLocalBindings.create_sxp_local_bindings, + sxp_local_bindings.SxpLocalBindings.delete_sxp_local_bindings_by_id, + sxp_local_bindings.SxpLocalBindings.update_sxp_local_bindings_by_id, + + - Paths used are + post /ers/config/sxplocalbindings, + delete /ers/config/sxplocalbindings/{id}, + put /ers/config/sxplocalbindings/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.sxp_local_bindings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + bindingName: string + description: string + id: string + ipAddressOrHost: string + sgt: string + sxpVpn: string + vns: string + +- name: Delete by id + cisco.ise.sxp_local_bindings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sxp_local_bindings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + bindingName: string + description: string + id: string + ipAddressOrHost: string + sgt: string + sxpVpn: string + vns: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "description": "string", + "bindingName": "string", + "ipAddressOrHost": "string", + "sxpVpn": "string", + "sgt": "string", + "vns": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_monitor_status_info.py new file mode 100644 index 00000000..3cb621af --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_local_bindings_bulk_monitor_status_info +short_description: Information module for SXP Local Bindings Bulk Monitor Status +description: +- Get SXP Local Bindings Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_local_bindings.SxpLocalBindings.monitor_bulk_status_sxp_local_bindings, + + - Paths used are + get /ers/config/sxplocalbindings/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SXP Local Bindings Bulk Monitor Status by id + cisco.ise.sxp_local_bindings_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_request.py new file mode 100644 index 00000000..374def10 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_local_bindings_bulk_request +short_description: Resource module for SXP Local Bindings Bulk Request +description: +- Manage operation update of the resource SXP Local Bindings Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SXP Local Bindings Bulk Request's operationType. + type: str + resourceMediaType: + description: SXP Local Bindings Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_local_bindings.SxpLocalBindings.bulk_request_for_sxp_local_bindings, + + - Paths used are + put /ers/config/sxplocalbindings/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sxp_local_bindings_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_info.py b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_info.py new file mode 100644 index 00000000..0c422a49 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_local_bindings_info.py @@ -0,0 +1,151 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_local_bindings_info +short_description: Information module for SXP Local Bindings +description: +- Get all SXP Local Bindings. +- Get SXP Local Bindings by id. +- This API allows the client to get a SXP local binding by ID. +- This API allows the client to get all the SXP local bindings. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_local_bindings.SxpLocalBindings.get_sxp_local_bindings_by_id, + sxp_local_bindings.SxpLocalBindings.get_sxp_local_bindings_generator, + + - Paths used are + get /ers/config/sxplocalbindings, + get /ers/config/sxplocalbindings/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SXP Local Bindings + cisco.ise.sxp_local_bindings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + sortasc: string + sortdsc: string + filter: [] + filterType: AND + register: result + +- name: Get SXP Local Bindings by id + cisco.ise.sxp_local_bindings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "description": "string", + "bindingName": "string", + "ipAddressOrHost": "string", + "sxpVpn": "string", + "sgt": "string", + "vns": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "description": "string", + "bindingName": "string", + "ipAddressOrHost": "string", + "sxpVpn": "string", + "sgt": "string", + "vns": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_vpns.py b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns.py new file mode 100644 index 00000000..0b7a88dc --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns.py @@ -0,0 +1,76 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_vpns +short_description: Resource module for SXP VPNs +description: +- Manage operations create and delete of the resource SXP VPNs. +- This API creates a SXP VPN. +- This API deletes a SXP VPN. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Id path parameter. + type: str + sxpVpnName: + description: SXP VPNs's sxpVpnName. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_vpns.SxpVpns.create_sxp_vpn, + sxp_vpns.SxpVpns.delete_sxp_vpn_by_id, + + - Paths used are + post /ers/config/sxpvpns, + delete /ers/config/sxpvpns/{id}, + +""" + +EXAMPLES = r""" +- name: Delete by id + cisco.ise.sxp_vpns: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.sxp_vpns: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + sxpVpnName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "sxpVpnName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_monitor_status_info.py b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_monitor_status_info.py new file mode 100644 index 00000000..9ec5a6fb --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_monitor_status_info.py @@ -0,0 +1,72 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_vpns_bulk_monitor_status_info +short_description: Information module for SXP VPNs Bulk Monitor Status +description: +- Get SXP VPNs Bulk Monitor Status by id. +- This API allows the client to monitor the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + bulkid: + description: + - Bulkid path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_vpns.SxpVpns.monitor_bulk_status_sxp_vpns, + + - Paths used are + get /ers/config/sxpvpns/bulk/{bulkid}, + +""" + +EXAMPLES = r""" +- name: Get SXP VPNs Bulk Monitor Status by id + cisco.ise.sxp_vpns_bulk_monitor_status_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + bulkid: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "bulkId": "string", + "mediaType": "string", + "executionStatus": "string", + "operationType": "string", + "startTime": "string", + "resourcesCount": 0, + "successCount": 0, + "failCount": 0, + "resourcesStatus": [ + { + "id": "string", + "name": "string", + "description": "string", + "resourceExecutionStatus": "string", + "status": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_request.py b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_request.py new file mode 100644 index 00000000..0c8e957c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_bulk_request.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_vpns_bulk_request +short_description: Resource module for SXP VPNs Bulk Request +description: +- Manage operation update of the resource SXP VPNs Bulk Request. +- This API allows the client to submit the bulk request. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + operationType: + description: SXP VPNs Bulk Request's operationType. + type: str + resourceMediaType: + description: SXP VPNs Bulk Request's resourceMediaType. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_vpns.SxpVpns.bulk_request_for_sxp_vpns, + + - Paths used are + put /ers/config/sxpvpns/bulk/submit, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.sxp_vpns_bulk_request: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + operationType: string + resourceMediaType: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_info.py b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_info.py new file mode 100644 index 00000000..0b233c13 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/sxp_vpns_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: sxp_vpns_info +short_description: Information module for SXP VPNs +description: +- Get all SXP VPNs. +- Get SXP VPNs by id. +- This API allows the client to get a SXP VPN by ID. +- This API allows the client to get all the SXP VPNs. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + sortasc: + description: + - Sortasc query parameter. Sort asc. + type: str + sortdsc: + description: + - Sortdsc query parameter. Sort desc. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + sxp_vpns.SxpVpns.get_sxp_vpn_by_id, + sxp_vpns.SxpVpns.get_sxp_vpns_generator, + + - Paths used are + get /ers/config/sxpvpns, + get /ers/config/sxpvpns/{id}, + +""" + +EXAMPLES = r""" +- name: Get all SXP VPNs + cisco.ise.sxp_vpns_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + filter: [] + filterType: AND + sortasc: string + sortdsc: string + register: result + +- name: Get SXP VPNs by id + cisco.ise.sxp_vpns_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "sxpVpnName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "sxpVpnName": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/system_certificate.py b/ansible_collections/cisco/ise/plugins/modules/system_certificate.py new file mode 100644 index 00000000..6022b8d3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/system_certificate.py @@ -0,0 +1,185 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: system_certificate +short_description: Resource module for System Certificate +description: +- Manage operations update and delete of the resource System Certificate. +- This API deletes a System Certificate of a particular node based on given HostName and ID. +- Update a System Certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + admin: + description: Use certificate to authenticate the Cisco ISE Admin Portal. + type: bool + allowPortalTagTransferForSameSubject: + description: Allow overwriting the portal tag from matching certificate of same + subject. + type: bool + allowReplacementOfPortalGroupTag: + description: Allow Replacement of Portal Group Tag (required). + type: bool + allowRoleTransferForSameSubject: + description: Allow transfer of roles for certificate with matching subject. + type: bool + allowWildcardDelete: + description: If the given certificate to be deleted is a wildcard certificate, corresponding + certificate gets deleted on rest of the nodes in the deployment as well. + type: bool + description: + description: Description of System Certificate. + type: str + eap: + description: Use certificate for EAP protocols that use SSL/TLS tunneling. + type: bool + expirationTTLPeriod: + description: System Certificate's expirationTTLPeriod. + type: int + expirationTTLUnits: + description: System Certificate's expirationTTLUnits. + type: str + hostName: + description: HostName path parameter. Name of Host whose certificate needs to be + updated. + type: str + id: + description: Id path parameter. ID of the System Certificate to be updated. + type: str + ims: + description: Use certificate for the Cisco ISE Messaging Service. + type: bool + name: + description: Name of the certificate. + type: str + portal: + description: Use for portal. + type: bool + portalGroupTag: + description: Set Group tag. + type: str + pxgrid: + description: Use certificate for the pxGrid Controller. + type: bool + radius: + description: Use certificate for the RADSec server. + type: bool + renewSelfSignedCertificate: + description: Renew Self-signed Certificate. + type: bool + saml: + description: Use certificate for SAML Signing. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.delete_system_certificate_by_id, + certificates.Certificates.update_system_certificate, + + - Paths used are + delete /api/v1/certs/system-certificate/{hostName}/{id}, + put /api/v1/certs/system-certificate/{hostName}/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.system_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + admin: true + allowPortalTagTransferForSameSubject: true + allowReplacementOfPortalGroupTag: true + allowRoleTransferForSameSubject: true + description: string + eap: true + expirationTTLPeriod: 0 + expirationTTLUnits: string + hostName: string + id: string + ims: true + name: string + portal: true + portalGroupTag: string + pxgrid: true + radius: true + renewSelfSignedCertificate: true + saml: true + +- name: Delete by id + cisco.ise.system_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + allowWildcardDelete: true + hostName: string + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "expirationDate": "string", + "friendlyName": "string", + "groupTag": "string", + "id": "string", + "issuedBy": "string", + "issuedTo": "string", + "keySize": 0, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "portalsUsingTheTag": "string", + "selfSigned": true, + "serialNumberDecimalFormat": "string", + "sha256Fingerprint": "string", + "signatureAlgorithm": "string", + "usedBy": "string", + "validFrom": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "message": "string", + "status": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/system_certificate_create.py b/ansible_collections/cisco/ise/plugins/modules/system_certificate_create.py new file mode 100644 index 00000000..75831861 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/system_certificate_create.py @@ -0,0 +1,142 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: system_certificate_create +short_description: Resource module for System Certificate Create +description: +- Manage operation create of the resource System Certificate Create. +- This API allows the client to create a system certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + ersLocalCertStub: + description: Inputs for certificate creation. + suboptions: + allowWildcardCerts: + description: System Certificate Create's allowWildcardCerts. + type: str + certificatePolicies: + description: System Certificate Create's certificatePolicies. + type: str + certificateSanDns: + description: System Certificate Create's certificateSanDns. + type: str + certificateSanIp: + description: System Certificate Create's certificateSanIp. + type: str + certificateSanUri: + description: System Certificate Create's certificateSanUri. + type: str + digest: + description: System Certificate Create's digest. + type: str + ersSubjectStub: + description: Subject data of certificate. + suboptions: + commonName: + description: System Certificate Create's commonName. + type: str + countryName: + description: System Certificate Create's countryName. + type: str + localityName: + description: System Certificate Create's localityName. + type: str + organizationName: + description: System Certificate Create's organizationName. + type: str + organizationalUnitName: + description: System Certificate Create's organizationalUnitName. + type: str + stateOrProvinceName: + description: System Certificate Create's stateOrProvinceName. + type: str + type: dict + expirationTTL: + description: System Certificate Create's expirationTTL. + type: int + friendlyName: + description: System Certificate Create's friendlyName. + type: str + groupTagDD: + description: System Certificate Create's groupTagDD. + type: str + keyLength: + description: System Certificate Create's keyLength. + type: str + keyType: + description: System Certificate Create's keyType. + type: str + samlCertificate: + description: System Certificate Create's samlCertificate. + type: str + selectedExpirationTTLUnit: + description: System Certificate Create's selectedExpirationTTLUnit. + type: str + xgridCertificate: + description: System Certificate Create's xgridCertificate. + type: str + type: dict + nodeId: + description: NodeId of Cisco ISE application. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + system_certificate.SystemCertificate.create_system_certificate, + + - Paths used are + post /ers/config/systemcertificate, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.system_certificate_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + ersLocalCertStub: + allowWildcardCerts: string + certificatePolicies: string + certificateSanDns: string + certificateSanIp: string + certificateSanUri: string + digest: string + ersSubjectStub: + commonName: string + countryName: string + localityName: string + organizationName: string + organizationalUnitName: string + stateOrProvinceName: string + expirationTTL: 0 + friendlyName: string + groupTagDD: string + keyLength: string + keyType: string + samlCertificate: string + selectedExpirationTTLUnit: string + xgridCertificate: string + nodeId: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/system_certificate_export_info.py b/ansible_collections/cisco/ise/plugins/modules/system_certificate_export_info.py new file mode 100644 index 00000000..793eaea3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/system_certificate_export_info.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: system_certificate_export_info +short_description: Information module for System Certificate Export Info +description: +- Get System Certificate Export Info. +- Export System Certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + dirPath: + description: Directory absolute path. Defaults to the current working directory. + type: str + export: + description: System Certificate Export Info's export. + type: str + filename: + description: The filename used to save the download file. + type: str + id: + description: System Certificate Export Info's id. + type: str + password: + description: System Certificate Export Info's password. + type: str + saveFile: + description: Enable or disable automatic file creation of raw response. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.export_system_certificate, + + - Paths used are + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.system_certificate_export_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + dirPath: /tmp/downloads/ + export: string + filename: download_filename.extension + id: string + password: string + saveFile: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: str + sample: > + "'string'" +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/system_certificate_import.py b/ansible_collections/cisco/ise/plugins/modules/system_certificate_import.py new file mode 100644 index 00000000..9cb9d330 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/system_certificate_import.py @@ -0,0 +1,144 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: system_certificate_import +short_description: Resource module for System Certificate Import +description: +- Manage operation create of the resource System Certificate Import. +- Import an X509 certificate as a system certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + admin: + description: Use certificate to authenticate the Cisco ISE Admin Portal. + type: bool + allowExtendedValidity: + description: Allow import of certificates with validity greater than 398 days (required). + type: bool + allowOutOfDateCert: + description: Allow out of date certificates (required). + type: bool + allowPortalTagTransferForSameSubject: + description: Allow overwriting the portal tag from matching certificate of same + subject. + type: bool + allowReplacementOfCertificates: + description: Allow Replacement of certificates (required). + type: bool + allowReplacementOfPortalGroupTag: + description: Allow Replacement of Portal Group Tag (required). + type: bool + allowRoleTransferForSameSubject: + description: Allow transfer of roles for certificate with matching subject. + type: bool + allowSHA1Certificates: + description: Allow SHA1 based certificates (required). + type: bool + allowWildCardCertificates: + description: Allow Wildcard certificates. + type: bool + data: + description: Certificate Content (required). + type: str + eap: + description: Use certificate for EAP protocols that use SSL/TLS tunneling. + type: bool + ims: + description: Use certificate for the Cisco ISE Messaging Service. + type: bool + name: + description: Name of the certificate. + type: str + password: + description: Certificate Password (required). + type: str + portal: + description: Use for portal. + type: bool + portalGroupTag: + description: Set Group tag. + type: str + privateKeyData: + description: Private Key data (required). + type: str + pxgrid: + description: Use certificate for the pxGrid Controller. + type: bool + radius: + description: Use certificate for the RADSec server. + type: bool + saml: + description: Use certificate for SAML Signing. + type: bool + validateCertificateExtensions: + description: Validate certificate extensions. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.import_system_certificate, + + - Paths used are + post /api/v1/certs/system-certificate/import, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.system_certificate_import: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + admin: true + allowExtendedValidity: true + allowOutOfDateCert: true + allowPortalTagTransferForSameSubject: true + allowReplacementOfCertificates: true + allowReplacementOfPortalGroupTag: true + allowRoleTransferForSameSubject: true + allowSHA1Certificates: true + allowWildCardCertificates: true + data: string + eap: true + ims: true + name: string + password: string + portal: true + portalGroupTag: string + privateKeyData: string + pxgrid: true + radius: true + saml: true + validateCertificateExtensions: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string", + "status": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/system_certificate_info.py b/ansible_collections/cisco/ise/plugins/modules/system_certificate_info.py new file mode 100644 index 00000000..9c05839c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/system_certificate_info.py @@ -0,0 +1,175 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: system_certificate_info +short_description: Information module for System Certificate +description: +- Get System Certificate by id. +- Get System Certificate by name. +- This API provides details of a System Certificate of a particular node based on given HostName and ID. +- This API supports Filtering, Sorting and Pagination. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + hostName: + description: + - HostName path parameter. Name of the host of which system certificates should be returned. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + id: + description: + - Id path parameter. ID of the system certificate. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.get_system_certificate_by_id, + certificates.Certificates.get_system_certificates, + + - Paths used are + get /api/v1/certs/system-certificate/{hostName}, + get /api/v1/certs/system-certificate/{hostName}/{id}, + +""" + +EXAMPLES = r""" +- name: Get System Certificate by id + cisco.ise.system_certificate_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + hostName: string + id: string + register: result + +- name: Get System Certificate by name + cisco.ise.system_certificate_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + hostName: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "expirationDate": "string", + "friendlyName": "string", + "groupTag": "string", + "id": "string", + "issuedBy": "string", + "issuedTo": "string", + "keySize": 0, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "portalsUsingTheTag": "string", + "selfSigned": true, + "serialNumberDecimalFormat": "string", + "sha256Fingerprint": "string", + "signatureAlgorithm": "string", + "usedBy": "string", + "validFrom": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "expirationDate": "string", + "friendlyName": "string", + "groupTag": "string", + "id": "string", + "issuedBy": "string", + "issuedTo": "string", + "keySize": 0, + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "portalsUsingTheTag": "string", + "selfSigned": true, + "serialNumberDecimalFormat": "string", + "sha256Fingerprint": "string", + "signatureAlgorithm": "string", + "usedBy": "string", + "validFrom": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/system_config_version_info.py b/ansible_collections/cisco/ise/plugins/modules/system_config_version_info.py new file mode 100644 index 00000000..cbff1e72 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/system_config_version_info.py @@ -0,0 +1,60 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: system_config_version_info +short_description: Information module for System Config Version +description: +- Get all System Config Version. +- This API allows the client to get Cisco ISE version and patch information. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for VersionAndPatch + description: Complete reference of the VersionAndPatch API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!iseversion +notes: + - SDK Method used are + version_and_patch.VersionAndPatch.get_ise_version_and_patch, + + - Paths used are + get /ers/config/op/systemconfig/iseversion, + +""" + +EXAMPLES = r""" +- name: Get all System Config Version + cisco.ise.system_config_version_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "resultValue": [ + { + "value": "string", + "name": "string" + } + ] + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets.py new file mode 100644 index 00000000..461d03bd --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets.py @@ -0,0 +1,159 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_command_sets +short_description: Resource module for TACACS Command Sets +description: +- Manage operations create, update and delete of the resource TACACS Command Sets. +- This API creates TACACS command sets. +- This API deletes TACACS command sets. +- This API allows the client to update TACACS command sets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + commands: + description: TACACS Command Sets's commands. + suboptions: + commandList: + description: TACACS Command Sets's commandList. + elements: dict + suboptions: + arguments: + description: TACACS Command Sets's arguments. + type: str + command: + description: TACACS Command Sets's command. + type: str + grant: + description: Allowed values PERMIT, DENY, DENY_ALWAYS. + type: str + type: list + type: dict + description: + description: TACACS Command Sets's description. + type: str + id: + description: TACACS Command Sets's id. + type: str + name: + description: TACACS Command Sets's name. + type: str + permitUnmatched: + description: PermitUnmatched flag. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_command_sets.TacacsCommandSets.create_tacacs_command_sets, + tacacs_command_sets.TacacsCommandSets.delete_tacacs_command_sets_by_id, + tacacs_command_sets.TacacsCommandSets.update_tacacs_command_sets_by_id, + + - Paths used are + post /ers/config/tacacscommandsets, + delete /ers/config/tacacscommandsets/{id}, + put /ers/config/tacacscommandsets/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.tacacs_command_sets: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + commandList: + - arguments: string + command: string + grant: string + description: string + id: string + name: string + permitUnmatched: true + +- name: Delete by id + cisco.ise.tacacs_command_sets: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.tacacs_command_sets: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + commands: + commandList: + - arguments: string + command: string + grant: string + description: string + name: string + permitUnmatched: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "permitUnmatched": true, + "commands": { + "commandList": [ + { + "grant": "string", + "command": "string", + "arguments": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets_info.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets_info.py new file mode 100644 index 00000000..59398596 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_command_sets_info.py @@ -0,0 +1,142 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_command_sets_info +short_description: Information module for TACACS Command Sets +description: +- Get all TACACS Command Sets. +- Get TACACS Command Sets by id. +- Get TACACS Command Sets by name. +- This API allows the client to get TACACS command sets by ID. +- This API allows the client to get TACACS command sets by name. +- This API allows the client to get all the TACACS command sets. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_command_sets.TacacsCommandSets.get_tacacs_command_sets_by_id, + tacacs_command_sets.TacacsCommandSets.get_tacacs_command_sets_by_name, + tacacs_command_sets.TacacsCommandSets.get_tacacs_command_sets_generator, + + - Paths used are + get /ers/config/tacacscommandsets, + get /ers/config/tacacscommandsets/name/{name}, + get /ers/config/tacacscommandsets/{id}, + +""" + +EXAMPLES = r""" +- name: Get all TACACS Command Sets + cisco.ise.tacacs_command_sets_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get TACACS Command Sets by id + cisco.ise.tacacs_command_sets_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get TACACS Command Sets by name + cisco.ise.tacacs_command_sets_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "permitUnmatched": true, + "commands": { + "commandList": [ + { + "grant": "string", + "command": "string", + "arguments": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "permitUnmatched": true, + "commands": { + "commandList": [ + { + "grant": "string", + "command": "string", + "arguments": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers.py new file mode 100644 index 00000000..51d311bf --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers.py @@ -0,0 +1,146 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_external_servers +short_description: Resource module for TACACS External Servers +description: +- Manage operations create, update and delete of the resource TACACS External Servers. +- This API creates TACACS external servers. +- This API deletes TACACS external servers. +- This API allows the client to update TACACS external servers. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + connectionPort: + description: The port to connect the server. + type: int + description: + description: TACACS External Servers's description. + type: str + hostIP: + description: The server IPV4 address. + type: str + id: + description: TACACS External Servers's id. + type: str + name: + description: TACACS External Servers's name. + type: str + sharedSecret: + description: The server shared secret. + type: str + singleConnect: + description: Define the use of single connection. + type: bool + timeout: + description: The server timeout. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_external_servers.TacacsExternalServers.create_tacacs_external_servers, + tacacs_external_servers.TacacsExternalServers.delete_tacacs_external_servers_by_id, + tacacs_external_servers.TacacsExternalServers.update_tacacs_external_servers_by_id, + + - Paths used are + post /ers/config/tacacsexternalservers, + delete /ers/config/tacacsexternalservers/{id}, + put /ers/config/tacacsexternalservers/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.tacacs_external_servers: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + connectionPort: 0 + description: string + hostIP: string + id: string + name: string + sharedSecret: string + singleConnect: true + timeout: 0 + +- name: Delete by id + cisco.ise.tacacs_external_servers: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.tacacs_external_servers: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + connectionPort: 0 + description: string + hostIP: string + name: string + sharedSecret: string + singleConnect: true + timeout: 0 + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "hostIP": "string", + "connectionPort": 0, + "singleConnect": true, + "sharedSecret": "string", + "timeout": 0, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers_info.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers_info.py new file mode 100644 index 00000000..5759de01 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_external_servers_info.py @@ -0,0 +1,132 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_external_servers_info +short_description: Information module for TACACS External Servers +description: +- Get all TACACS External Servers. +- Get TACACS External Servers by id. +- Get TACACS External Servers by name. +- This API allows the client to get TACACS external servers by ID. +- This API allows the client to get TACACS external servers by name. +- This API allows the client to get all the TACACS external servers. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_external_servers.TacacsExternalServers.get_tacacs_external_servers_by_id, + tacacs_external_servers.TacacsExternalServers.get_tacacs_external_servers_by_name, + tacacs_external_servers.TacacsExternalServers.get_tacacs_external_servers_generator, + + - Paths used are + get /ers/config/tacacsexternalservers, + get /ers/config/tacacsexternalservers/name/{name}, + get /ers/config/tacacsexternalservers/{id}, + +""" + +EXAMPLES = r""" +- name: Get all TACACS External Servers + cisco.ise.tacacs_external_servers_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get TACACS External Servers by id + cisco.ise.tacacs_external_servers_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get TACACS External Servers by name + cisco.ise.tacacs_external_servers_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "hostIP": "string", + "connectionPort": 0, + "singleConnect": true, + "sharedSecret": "string", + "timeout": 0, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "hostIP": "string", + "connectionPort": 0, + "singleConnect": true, + "sharedSecret": "string", + "timeout": 0, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_profile.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_profile.py new file mode 100644 index 00000000..8cb53b9b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_profile.py @@ -0,0 +1,153 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_profile +short_description: Resource module for TACACS Profile +description: +- Manage operations create, update and delete of the resource TACACS Profile. +- This API creates a TACACS profile. +- This API deletes a TACACS profile. +- This API allows the client to update a TACACS profile. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: TACACS Profile's description. + type: str + id: + description: TACACS Profile's id. + type: str + name: + description: TACACS Profile's name. + type: str + sessionAttributes: + description: Holds list of session attributes. View type for GUI is Shell by default. + suboptions: + sessionAttributeList: + description: TACACS Profile's sessionAttributeList. + elements: dict + suboptions: + name: + description: TACACS Profile's name. + type: str + type: + description: Allowed values MANDATORY, OPTIONAL. + type: str + value: + description: TACACS Profile's value. + type: str + type: list + type: dict +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_profile.TacacsProfile.create_tacacs_profile, + tacacs_profile.TacacsProfile.delete_tacacs_profile_by_id, + tacacs_profile.TacacsProfile.update_tacacs_profile_by_id, + + - Paths used are + post /ers/config/tacacsprofile, + delete /ers/config/tacacsprofile/{id}, + put /ers/config/tacacsprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.tacacs_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + sessionAttributes: + sessionAttributeList: + - name: string + type: string + value: string + +- name: Delete by id + cisco.ise.tacacs_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.tacacs_profile: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + name: string + sessionAttributes: + sessionAttributeList: + - name: string + type: string + value: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "sessionAttributes": { + "sessionAttributeList": [ + { + "type": "string", + "name": "string", + "value": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_profile_info.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_profile_info.py new file mode 100644 index 00000000..a64d0f25 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_profile_info.py @@ -0,0 +1,140 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_profile_info +short_description: Information module for TACACS Profile +description: +- Get all TACACS Profile. +- Get TACACS Profile by id. +- Get TACACS Profile by name. +- This API allows the client to get a TACACS profile by ID. +- This API allows the client to get a TACACS profile by name. +- This API allows the client to get all the TACACS profiles. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_profile.TacacsProfile.get_tacacs_profile_by_id, + tacacs_profile.TacacsProfile.get_tacacs_profile_by_name, + tacacs_profile.TacacsProfile.get_tacacs_profile_generator, + + - Paths used are + get /ers/config/tacacsprofile, + get /ers/config/tacacsprofile/name/{name}, + get /ers/config/tacacsprofile/{id}, + +""" + +EXAMPLES = r""" +- name: Get all TACACS Profile + cisco.ise.tacacs_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get TACACS Profile by id + cisco.ise.tacacs_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get TACACS Profile by name + cisco.ise.tacacs_profile_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "sessionAttributes": { + "sessionAttributeList": [ + { + "type": "string", + "name": "string", + "value": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "sessionAttributes": { + "sessionAttributeList": [ + { + "type": "string", + "name": "string", + "value": "string" + } + ] + }, + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence.py new file mode 100644 index 00000000..0f9669f0 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence.py @@ -0,0 +1,159 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_server_sequence +short_description: Resource module for TACACS Server Sequence +description: +- Manage operations create, update and delete of the resource TACACS Server Sequence. +- This API creates a TACACS server sequence. +- This API deletes a TACACS server sequence. +- This API allows the client to update a TACACS server sequence. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: TACACS Server Sequence's description. + type: str + id: + description: TACACS Server Sequence's id. + type: str + localAccounting: + description: LocalAccounting flag. + type: bool + name: + description: TACACS Server Sequence's name. + type: str + prefixDelimiter: + description: The delimiter that will be used for prefix strip. + type: str + prefixStrip: + description: Define if a delimiter will be used for prefix strip. + type: bool + remoteAccounting: + description: RemoteAccounting flag. + type: bool + serverList: + description: The names of TACACS external servers separated by commas. The order + of the names in the string is the order of servers that will be used during authentication. + type: str + suffixDelimiter: + description: The delimiter that will be used for suffix strip. + type: str + suffixStrip: + description: Define if a delimiter will be used for suffix strip. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_server_sequence.TacacsServerSequence.create_tacacs_server_sequence, + tacacs_server_sequence.TacacsServerSequence.delete_tacacs_server_sequence_by_id, + tacacs_server_sequence.TacacsServerSequence.update_tacacs_server_sequence_by_id, + + - Paths used are + post /ers/config/tacacsserversequence, + delete /ers/config/tacacsserversequence/{id}, + put /ers/config/tacacsserversequence/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.tacacs_server_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + localAccounting: true + name: string + prefixDelimiter: string + prefixStrip: true + remoteAccounting: true + serverList: string + suffixDelimiter: string + suffixStrip: true + +- name: Delete by id + cisco.ise.tacacs_server_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +- name: Create + cisco.ise.tacacs_server_sequence: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + localAccounting: true + name: string + prefixDelimiter: string + prefixStrip: true + remoteAccounting: true + serverList: string + suffixDelimiter: string + suffixStrip: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "serverList": "string", + "localAccounting": true, + "remoteAccounting": true, + "prefixStrip": true, + "prefixDelimiter": "string", + "suffixStrip": true, + "suffixDelimiter": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "UpdatedFieldsList": { + "updatedField": [ + { + "field": "string", + "oldValue": "string", + "newValue": "string" + } + ], + "field": "string", + "oldValue": "string", + "newValue": "string" + } + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence_info.py b/ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence_info.py new file mode 100644 index 00000000..618b4c59 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tacacs_server_sequence_info.py @@ -0,0 +1,136 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tacacs_server_sequence_info +short_description: Information module for TACACS Server Sequence +description: +- Get all TACACS Server Sequence. +- Get TACACS Server Sequence by id. +- Get TACACS Server Sequence by name. +- This API allows the client to get a TACACS server sequence by ID. +- This API allows the client to get a TACACS server sequence by name. +- This API allows the client to get all the TACACS server sequences. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + name: + description: + - Name path parameter. + type: str + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +notes: + - SDK Method used are + tacacs_server_sequence.TacacsServerSequence.get_tacacs_server_sequence_by_id, + tacacs_server_sequence.TacacsServerSequence.get_tacacs_server_sequence_by_name, + tacacs_server_sequence.TacacsServerSequence.get_tacacs_server_sequence_generator, + + - Paths used are + get /ers/config/tacacsserversequence, + get /ers/config/tacacsserversequence/name/{name}, + get /ers/config/tacacsserversequence/{id}, + +""" + +EXAMPLES = r""" +- name: Get all TACACS Server Sequence + cisco.ise.tacacs_server_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + register: result + +- name: Get TACACS Server Sequence by id + cisco.ise.tacacs_server_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +- name: Get TACACS Server Sequence by name + cisco.ise.tacacs_server_sequence_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + name: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "name": "string", + "description": "string", + "serverList": "string", + "localAccounting": true, + "remoteAccounting": true, + "prefixStrip": true, + "prefixDelimiter": "string", + "suffixStrip": true, + "suffixDelimiter": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "name": "string", + "description": "string", + "serverList": "string", + "localAccounting": true, + "remoteAccounting": true, + "prefixStrip": true, + "prefixDelimiter": "string", + "suffixStrip": true, + "suffixDelimiter": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/tasks_info.py b/ansible_collections/cisco/ise/plugins/modules/tasks_info.py new file mode 100644 index 00000000..98dabd3d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/tasks_info.py @@ -0,0 +1,79 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: tasks_info +short_description: Information module for Tasks +description: +- Get all Tasks. +- Get Tasks by id. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + taskId: + description: + - TaskId path parameter. The id of the task executed before. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for tasks + description: Complete reference of the tasks API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!task-service-openapi +notes: + - SDK Method used are + tasks.Tasks.get_task_status, + tasks.Tasks.get_task_status_by_id, + + - Paths used are + get /api/v1/task, + get /api/v1/task/{taskId}, + +""" + +EXAMPLES = r""" +- name: Get all Tasks + cisco.ise.tasks_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +- name: Get Tasks by id + cisco.ise.tasks_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + taskId: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "detailStatus": [ + {} + ], + "executionStatus": "string", + "failCount": 0, + "id": "string", + "moduleType": "string", + "resourcesCount": 0, + "startTime": "string", + "successCount": 0 + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/telemetry_info.py b/ansible_collections/cisco/ise/plugins/modules/telemetry_info.py new file mode 100644 index 00000000..4393577a --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/telemetry_info.py @@ -0,0 +1,139 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: telemetry_info +short_description: Information module for Telemetry Info +description: +- Get all Telemetry Info. +- Get Telemetry Info by id. +- This API allows the client to get all the telemetry information. +- This API allows the client to get telemetry information by ID. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. + type: str + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + filter: + description: + - > + Filter query parameter. **Simple filtering** should be available through the filter query string parameter. + The structure of a filter is a triplet of field operator and value separated with dots. More than one filter + can be sent. The logical operator common to ALL filter criteria will be by default AND, and can be changed + by using the "filterType=or" query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for TelemetryInformation + description: Complete reference of the TelemetryInformation API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!telemetryinfo +notes: + - SDK Method used are + telemetry_information.TelemetryInformation.get_telemetry_info_by_id, + telemetry_information.TelemetryInformation.get_telemetry_information_generator, + + - Paths used are + get /ers/config/telemetryinfo, + get /ers/config/telemetryinfo/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Telemetry Info + cisco.ise.telemetry_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 1 + size: 20 + filter: [] + filterType: AND + register: result + +- name: Get Telemetry Info by id + cisco.ise.telemetry_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string", + "status": "string", + "deploymentId": "string", + "udiSN": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "id": "string", + "status": "string", + "deploymentId": "string", + "udiSN": "string", + "link": { + "rel": "string", + "href": "string", + "type": "string" + } + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/threat_vulnerabilities_clear.py b/ansible_collections/cisco/ise/plugins/modules/threat_vulnerabilities_clear.py new file mode 100644 index 00000000..853c23ad --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/threat_vulnerabilities_clear.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: threat_vulnerabilities_clear +short_description: Resource module for Threat Vulnerabilities Clear +description: +- Manage operation update of the resource Threat Vulnerabilities Clear. +- This API allows the client to delete the ThreatContext and Threat events that. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + macAddresses: + description: Threat Vulnerabilities Clear's macAddresses. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for ClearThreatsAndVulnerabilities + description: Complete reference of the ClearThreatsAndVulnerabilities API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!clearthreatsandvulneribilities +notes: + - SDK Method used are + clear_threats_and_vulnerabilities.ClearThreatsAndVulnerabilities.clear_threats_and_vulnerabilities, + + - Paths used are + put /ers/config/threat/clearThreatsAndVulneribilities, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.threat_vulnerabilities_clear: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + macAddresses: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + {} +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings.py b/ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings.py new file mode 100644 index 00000000..1db63b6e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings.py @@ -0,0 +1,77 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: transport_gateway_settings +short_description: Resource module for Transport Gateway Settings +description: +- Manage operation update of the resource Transport Gateway Settings. +- Transport Gateway acts a proxy for the communication between the ISE servers in your network and the Telemetry servers in case of air-gapped network. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + enableTransportGateway: + description: Indicates whether transport gateway is enabled or not. + type: bool + url: + description: URL of transport gateway. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for telemetry + description: Complete reference of the telemetry API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!system-settings-openapi +notes: + - SDK Method used are + telemetry.Telemetry.update_transport_gateway, + + - Paths used are + put /api/v1/system-settings/telemetry/transport-gateway, + +""" + +EXAMPLES = r""" +- name: Update all + cisco.ise.transport_gateway_settings: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + enableTransportGateway: true + url: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "enableTransportGateway": true, + "url": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "enableTransportGateway": true, + "url": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings_info.py b/ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings_info.py new file mode 100644 index 00000000..a5f69c02 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/transport_gateway_settings_info.py @@ -0,0 +1,56 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: transport_gateway_settings_info +short_description: Information module for Transport Gateway Settings +description: +- Get all Transport Gateway Settings. +- Transport Gateway acts a proxy for the communication between the ISE servers in your network and the Telemetry servers in case of air-gapped network. +version_added: '2.1.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: {} +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for telemetry + description: Complete reference of the telemetry API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!system-settings-openapi +notes: + - SDK Method used are + telemetry.Telemetry.get_transport_gateway, + + - Paths used are + get /api/v1/system-settings/telemetry/transport-gateway, + +""" + +EXAMPLES = r""" +- name: Get all Transport Gateway Settings + cisco.ise.transport_gateway_settings_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "enableTransportGateway": true, + "url": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trusted_certificate.py b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate.py new file mode 100644 index 00000000..d93fd1de --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate.py @@ -0,0 +1,219 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trusted_certificate +short_description: Resource module for Trusted Certificate +description: +- Manage operations update and delete of the resource Trusted Certificate. +- This API deletes a Trust Certificate from Trusted Certificate Store based on a given ID. +- Update a trusted certificate present in Cisco ISE trust store. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + authenticateBeforeCRLReceived: + description: Switch to enable or disable CRL verification if CRL is not received. + type: bool + automaticCRLUpdate: + description: Switch to enable or disable automatic CRL update. + type: bool + automaticCRLUpdatePeriod: + description: Automatic CRL update period. + type: int + automaticCRLUpdateUnits: + description: Unit of time for automatic CRL update. + type: str + crlDistributionUrl: + description: CRL Distribution URL. + type: str + crlDownloadFailureRetries: + description: If CRL download fails, wait time before retry. + type: int + crlDownloadFailureRetriesUnits: + description: Unit of time before retry if CRL download fails. + type: str + description: + description: Description for trust certificate. + type: str + downloadCRL: + description: Switch to enable or disable download of CRL. + type: bool + enableOCSPValidation: + description: Switch to enable or disable OCSP Validation. + type: bool + enableServerIdentityCheck: + description: Switch to enable or disable verification if HTTPS or LDAP server certificate + name fits the configured server URL. + type: bool + id: + description: Id path parameter. ID of the trust certificate. + type: str + ignoreCRLExpiration: + description: Switch to enable or disable ignore CRL expiration. + type: bool + name: + description: Friendly name of the certificate. + type: str + nonAutomaticCRLUpdatePeriod: + description: Non automatic CRL update period. + type: int + nonAutomaticCRLUpdateUnits: + description: Unit of time of non automatic CRL update. + type: str + rejectIfNoStatusFromOCSP: + description: Switch to reject certificate if there is no status from OCSP. + type: bool + rejectIfUnreachableFromOCSP: + description: Switch to reject certificate if unreachable from OCSP. + type: bool + selectedOCSPService: + description: Name of selected OCSP Service. + type: str + status: + description: Trusted Certificate's status. + type: str + trustForCertificateBasedAdminAuth: + description: Trust for Certificate based Admin authentication. + type: bool + trustForCiscoServicesAuth: + description: Trust for authentication of Cisco Services. + type: bool + trustForClientAuth: + description: Trust for client authentication and Syslog. + type: bool + trustForIseAuth: + description: Trust for authentication within Cisco ISE. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.delete_trusted_certificate_by_id, + certificates.Certificates.update_trusted_certificate, + + - Paths used are + delete /api/v1/certs/trusted-certificate/{id}, + put /api/v1/certs/trusted-certificate/{id}, + +""" + +EXAMPLES = r""" +- name: Update by id + cisco.ise.trusted_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + authenticateBeforeCRLReceived: true + automaticCRLUpdate: true + automaticCRLUpdatePeriod: 0 + automaticCRLUpdateUnits: string + crlDistributionUrl: string + crlDownloadFailureRetries: 0 + crlDownloadFailureRetriesUnits: string + description: string + downloadCRL: true + enableOCSPValidation: true + enableServerIdentityCheck: true + id: string + ignoreCRLExpiration: true + name: string + nonAutomaticCRLUpdatePeriod: 0 + nonAutomaticCRLUpdateUnits: string + rejectIfNoStatusFromOCSP: true + rejectIfUnreachableFromOCSP: true + selectedOCSPService: string + status: string + trustForCertificateBasedAdminAuth: true + trustForCiscoServicesAuth: true + trustForClientAuth: true + trustForIseAuth: true + +- name: Delete by id + cisco.ise.trusted_certificate: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "authenticateBeforeCRLReceived": "string", + "automaticCRLUpdate": "string", + "automaticCRLUpdatePeriod": "string", + "automaticCRLUpdateUnits": "string", + "crlDistributionUrl": "string", + "crlDownloadFailureRetries": "string", + "crlDownloadFailureRetriesUnits": "string", + "description": "string", + "downloadCRL": "string", + "enableOCSPValidation": "string", + "enableServerIdentityCheck": "string", + "expirationDate": "string", + "friendlyName": "string", + "id": "string", + "ignoreCRLExpiration": "string", + "internalCA": true, + "isReferredInPolicy": true, + "issuedBy": "string", + "issuedTo": "string", + "keySize": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "nonAutomaticCRLUpdatePeriod": "string", + "nonAutomaticCRLUpdateUnits": "string", + "rejectIfNoStatusFromOCSP": "string", + "rejectIfUnreachableFromOCSP": "string", + "selectedOCSPService": "string", + "serialNumberDecimalFormat": "string", + "sha256Fingerprint": "string", + "signatureAlgorithm": "string", + "status": "string", + "subject": "string", + "trustedFor": "string", + "validFrom": "string" + } + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: dict + sample: > + { + "response": { + "id": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "message": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_export_info.py b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_export_info.py new file mode 100644 index 00000000..7912ff87 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_export_info.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trusted_certificate_export_info +short_description: Information module for Trusted Certificate Export +description: +- Get Trusted Certificate Export by id. +- The response of this API carries a trusted certificate file mapped to the. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + id: + description: + - Id path parameter. ID of the Trusted Certificate to be exported. + type: str + dirPath: + description: + - Directory absolute path. Defaults to the current working directory. + type: str + saveFile: + description: + - Enable or disable automatic file creation of raw response. + type: bool + filename: + description: + - The filename used to save the download file. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.export_trusted_certificate, + + - Paths used are + get /api/v1/certs/trusted-certificate/export/{id}, + +""" + +EXAMPLES = r""" +- name: Get Trusted Certificate Export by id + cisco.ise.trusted_certificate_export_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "data": "filecontent", + "filename": "filename", + "dirpath": "download/directory", + "path": "download/directory/filename" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_import.py b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_import.py new file mode 100644 index 00000000..795ddb27 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_import.py @@ -0,0 +1,103 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trusted_certificate_import +short_description: Resource module for Trusted Certificate Import +description: +- Manage operation create of the resource Trusted Certificate Import. +- Import an X509 certificate as a trust certificate. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + allowBasicConstraintCAFalse: + description: Allow certificates with Basic Constraints CA Field as False (required). + type: bool + allowOutOfDateCert: + description: Allow out of date certificates (required). + type: bool + allowSHA1Certificates: + description: Allow SHA1 based certificates (required). + type: bool + data: + description: Certificate content (required). + type: str + description: + description: Description of the certificate. + type: str + name: + description: Name of the certificate. + type: str + trustForCertificateBasedAdminAuth: + description: Trust for Certificate based Admin authentication. + type: bool + trustForCiscoServicesAuth: + description: Trust for authentication of Cisco Services. + type: bool + trustForClientAuth: + description: Trust for client authentication and Syslog. + type: bool + trustForIseAuth: + description: Trust for authentication within Cisco ISE. + type: bool + validateCertificateExtensions: + description: Validate trust certificate extension. + type: bool +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.import_trust_certificate, + + - Paths used are + post /api/v1/certs/trusted-certificate/import, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trusted_certificate_import: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + allowBasicConstraintCAFalse: true + allowOutOfDateCert: true + allowSHA1Certificates: true + data: string + description: string + name: string + trustForCertificateBasedAdminAuth: true + trustForCiscoServicesAuth: true + trustForClientAuth: true + trustForIseAuth: true + validateCertificateExtensions: true + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "response": { + "id": "string", + "message": "string", + "status": "string" + }, + "version": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_info.py b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_info.py new file mode 100644 index 00000000..fceb4f0c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trusted_certificate_info.py @@ -0,0 +1,205 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trusted_certificate_info +short_description: Information module for Trusted Certificate +description: +- Get all Trusted Certificate. +- Get Trusted Certificate by id. +- This API can displays details of a Trust Certificate based on a given ID. +- This API supports Filtering, Sorting and Pagination. +version_added: '1.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + id: + description: + - Id path parameter. ID of the trust certificate. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for Certificates + description: Complete reference of the Certificates API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!certificate-openapi +notes: + - SDK Method used are + certificates.Certificates.get_trusted_certificate_by_id, + certificates.Certificates.get_trusted_certificates_generator, + + - Paths used are + get /api/v1/certs/trusted-certificate, + get /api/v1/certs/trusted-certificate/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Trusted Certificate + cisco.ise.trusted_certificate_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + register: result + +- name: Get Trusted Certificate by id + cisco.ise.trusted_certificate_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "authenticateBeforeCRLReceived": "string", + "automaticCRLUpdate": "string", + "automaticCRLUpdatePeriod": "string", + "automaticCRLUpdateUnits": "string", + "crlDistributionUrl": "string", + "crlDownloadFailureRetries": "string", + "crlDownloadFailureRetriesUnits": "string", + "description": "string", + "downloadCRL": "string", + "enableOCSPValidation": "string", + "enableServerIdentityCheck": "string", + "expirationDate": "string", + "friendlyName": "string", + "id": "string", + "ignoreCRLExpiration": "string", + "internalCA": true, + "isReferredInPolicy": true, + "issuedBy": "string", + "issuedTo": "string", + "keySize": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "nonAutomaticCRLUpdatePeriod": "string", + "nonAutomaticCRLUpdateUnits": "string", + "rejectIfNoStatusFromOCSP": "string", + "rejectIfUnreachableFromOCSP": "string", + "selectedOCSPService": "string", + "serialNumberDecimalFormat": "string", + "sha256Fingerprint": "string", + "signatureAlgorithm": "string", + "status": "string", + "subject": "string", + "trustedFor": "string", + "validFrom": "string" + } + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + version_added: '1.1.0' + type: list + elements: dict + sample: > + [ + { + "authenticateBeforeCRLReceived": "string", + "automaticCRLUpdate": "string", + "automaticCRLUpdatePeriod": "string", + "automaticCRLUpdateUnits": "string", + "crlDistributionUrl": "string", + "crlDownloadFailureRetries": "string", + "crlDownloadFailureRetriesUnits": "string", + "description": "string", + "downloadCRL": "string", + "enableOCSPValidation": "string", + "enableServerIdentityCheck": "string", + "expirationDate": "string", + "friendlyName": "string", + "id": "string", + "ignoreCRLExpiration": "string", + "internalCA": true, + "isReferredInPolicy": true, + "issuedBy": "string", + "issuedTo": "string", + "keySize": "string", + "link": { + "href": "string", + "rel": "string", + "type": "string" + }, + "nonAutomaticCRLUpdatePeriod": "string", + "nonAutomaticCRLUpdateUnits": "string", + "rejectIfNoStatusFromOCSP": "string", + "rejectIfUnreachableFromOCSP": "string", + "selectedOCSPService": "string", + "serialNumberDecimalFormat": "string", + "sha256Fingerprint": "string", + "signatureAlgorithm": "string", + "status": "string", + "subject": "string", + "trustedFor": "string", + "validFrom": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app.py new file mode 100644 index 00000000..d82685f2 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app.py @@ -0,0 +1,130 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_nbar_app +short_description: Resource module for Trustsec NBAR App +description: +- Manage operations create, update and delete of the resource Trustsec NBAR App. +- Create NBAR application. +- Update NBAR Application. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + description: + description: Trustsec NBAR App's description. + type: str + id: + description: Trustsec NBAR App's id. + type: str + name: + description: Trustsec NBAR App's name. + type: str + networkIdentities: + description: Array of NIs. + elements: dict + suboptions: + ports: + description: Trustsec NBAR App's ports. + type: str + protocol: + description: Trustsec NBAR App's protocol. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for nbarApp + description: Complete reference of the nbarApp API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + nbar_app.NbarApp.create_nbar_app, + nbar_app.NbarApp.delete_nbar_app_by_id, + nbar_app.NbarApp.update_nbar_app_by_id, + + - Paths used are + post /api/v1/trustsec/sgacl/nbarapp, + delete /api/v1/trustsec/sgacl/nbarapp/{id}, + put /api/v1/trustsec/sgacl/nbarapp/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_nbar_app: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + networkIdentities: + - ports: string + protocol: string + +- name: Update by id + cisco.ise.trustsec_nbar_app: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + description: string + id: string + name: string + networkIdentities: + - ports: string + protocol: string + +- name: Delete by id + cisco.ise.trustsec_nbar_app: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "description": "string", + "id": "string", + "name": "string", + "networkIdentities": [ + { + "ports": "string", + "protocol": "string" + } + ] + } + ] + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "code": 0, + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app_info.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app_info.py new file mode 100644 index 00000000..9c2b732b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_nbar_app_info.py @@ -0,0 +1,151 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_nbar_app_info +short_description: Information module for Trustsec NBAR App +description: +- Get all Trustsec NBAR App. +- Get Trustsec NBAR App by id. +- Get NBAR Application by id. +- Get all NBAR Applications. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + id: + description: + - Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for nbarApp + description: Complete reference of the nbarApp API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + nbar_app.NbarApp.get_nbar_app_by_id, + nbar_app.NbarApp.get_nbar_apps_generator, + + - Paths used are + get /api/v1/trustsec/sgacl/nbarapp, + get /api/v1/trustsec/sgacl/nbarapp/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Trustsec NBAR App + cisco.ise.trustsec_nbar_app_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + register: result + +- name: Get Trustsec NBAR App by id + cisco.ise.trustsec_nbar_app_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "description": "string", + "id": "string", + "name": "string", + "networkIdentities": [ + { + "ports": "string", + "protocol": "string" + } + ] + } + ] + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "description": "string", + "id": "string", + "name": "string", + "networkIdentities": [ + { + "ports": "string", + "protocol": "string" + } + ] + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping.py new file mode 100644 index 00000000..b9c65804 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping.py @@ -0,0 +1,130 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_sg_vn_mapping +short_description: Resource module for Trustsec SG VN Mapping +description: +- Manage operations create, update and delete of the resource Trustsec SG VN Mapping. +- Create Security Group and Virtual Network mapping. +- Delete Security Group and Virtual Network mapping. +- Update Security Group and Virtual Network mapping. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Identifier of the SG-VN mapping. + type: str + lastUpdate: + description: Timestamp for the last update of the SG-VN mapping. + type: str + sgName: + description: Name of the associated Security Group to be used for identity if id + is not provided. + type: str + sgtId: + description: Identifier of the associated Security Group which is required unless + its name is provided. + type: str + vnId: + description: Identifier for the associated Virtual Network which is required unless + its name is provided. + type: str + vnName: + description: Name of the associated Virtual Network to be used for identity if id + is not provided. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for sgVnMapping + description: Complete reference of the sgVnMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + sg_vn_mapping.SgVnMapping.create_sg_vn_mapping, + sg_vn_mapping.SgVnMapping.delete_sg_vn_mapping_by_id, + sg_vn_mapping.SgVnMapping.update_sg_vn_mapping_by_id, + + - Paths used are + post /api/v1/trustsec/sgvnmapping, + delete /api/v1/trustsec/sgvnmapping/{id}, + put /api/v1/trustsec/sgvnmapping/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_sg_vn_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + lastUpdate: string + sgName: string + sgtId: string + vnId: string + vnName: string + +- name: Update by id + cisco.ise.trustsec_sg_vn_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + lastUpdate: string + sgName: string + sgtId: string + vnId: string + vnName: string + +- name: Delete by id + cisco.ise.trustsec_sg_vn_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "lastUpdate": "string", + "sgName": "string", + "sgtId": "string", + "vnId": "string", + "vnName": "string" + } + ] + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "code": 0, + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_create.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_create.py new file mode 100644 index 00000000..2adb8f02 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_create.py @@ -0,0 +1,87 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_sg_vn_mapping_bulk_create +short_description: Resource module for Trustsec SG VN Mapping Bulk Create +description: +- Manage operation create of the resource Trustsec SG VN Mapping Bulk Create. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec SG VN Mapping Bulk Create's payload. + elements: dict + suboptions: + id: + description: Identifier of the SG-VN mapping. + type: str + lastUpdate: + description: Timestamp for the last update of the SG-VN mapping. + type: str + sgName: + description: Name of the associated Security Group to be used for identity if + id is not provided. + type: str + sgtId: + description: Identifier of the associated Security Group which is required unless + its name is provided. + type: str + vnId: + description: Identifier for the associated Virtual Network which is required + unless its name is provided. + type: str + vnName: + description: Name of the associated Virtual Network to be used for identity + if id is not provided. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for sgVnMapping + description: Complete reference of the sgVnMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + sg_vn_mapping.SgVnMapping.bulk_create_sg_vn_mappings, + + - Paths used are + post /api/v1/trustsec/sgvnmapping/bulk/create, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_sg_vn_mapping_bulk_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - id: string + lastUpdate: string + sgName: string + sgtId: string + vnId: string + vnName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_delete.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_delete.py new file mode 100644 index 00000000..b5d8b48d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_delete.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_sg_vn_mapping_bulk_delete +short_description: Resource module for Trustsec SG VN Mapping Bulk Delete +description: +- Manage operation create of the resource Trustsec SG VN Mapping Bulk Delete. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec SG VN Mapping Bulk Delete's payload. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for sgVnMapping + description: Complete reference of the sgVnMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + sg_vn_mapping.SgVnMapping.bulk_delete_sg_vn_mappings, + + - Paths used are + post /api/v1/trustsec/sgvnmapping/bulk/delete, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_sg_vn_mapping_bulk_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_update.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_update.py new file mode 100644 index 00000000..05b1a97e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_bulk_update.py @@ -0,0 +1,87 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_sg_vn_mapping_bulk_update +short_description: Resource module for Trustsec SG VN Mapping Bulk Update +description: +- Manage operation create of the resource Trustsec SG VN Mapping Bulk Update. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec SG VN Mapping Bulk Update's payload. + elements: dict + suboptions: + id: + description: Identifier of the SG-VN mapping. + type: str + lastUpdate: + description: Timestamp for the last update of the SG-VN mapping. + type: str + sgName: + description: Name of the associated Security Group to be used for identity if + id is not provided. + type: str + sgtId: + description: Identifier of the associated Security Group which is required unless + its name is provided. + type: str + vnId: + description: Identifier for the associated Virtual Network which is required + unless its name is provided. + type: str + vnName: + description: Name of the associated Virtual Network to be used for identity + if id is not provided. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for sgVnMapping + description: Complete reference of the sgVnMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + sg_vn_mapping.SgVnMapping.bulk_update_sg_vn_mappings, + + - Paths used are + post /api/v1/trustsec/sgvnmapping/bulk/update, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_sg_vn_mapping_bulk_update: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - id: string + lastUpdate: string + sgName: string + sgtId: string + vnId: string + vnName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_info.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_info.py new file mode 100644 index 00000000..3ac8cb0c --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_sg_vn_mapping_info.py @@ -0,0 +1,145 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_sg_vn_mapping_info +short_description: Information module for Trustsec SG VN Mapping +description: +- Get all Trustsec SG VN Mapping. +- Get Trustsec SG VN Mapping by id. +- Get Security Group and Virtual Network mapping by id. +- Get all Security Group and Virtual Network mappings. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + id: + description: + - Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for sgVnMapping + description: Complete reference of the sgVnMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + sg_vn_mapping.SgVnMapping.get_sg_vn_mapping_by_id, + sg_vn_mapping.SgVnMapping.get_sg_vn_mappings_generator, + + - Paths used are + get /api/v1/trustsec/sgvnmapping, + get /api/v1/trustsec/sgvnmapping/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Trustsec SG VN Mapping + cisco.ise.trustsec_sg_vn_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + register: result + +- name: Get Trustsec SG VN Mapping by id + cisco.ise.trustsec_sg_vn_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "lastUpdate": "string", + "sgName": "string", + "sgtId": "string", + "vnId": "string", + "vnName": "string" + } + ] + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "lastUpdate": "string", + "sgName": "string", + "sgtId": "string", + "vnId": "string", + "vnName": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn.py new file mode 100644 index 00000000..7bd274ee --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn.py @@ -0,0 +1,113 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn +short_description: Resource module for Trustsec VN +description: +- Manage operations create, update and delete of the resource Trustsec VN. +- Create Virtual Network. +- Update Virtual Network. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + additionalAttributes: + description: JSON String of additional attributes for the Virtual Network. + type: str + id: + description: Identifier of the Virtual Network. + type: str + lastUpdate: + description: Timestamp for the last update of the Virtual Network. + type: str + name: + description: Name of the Virtual Network. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for virtualNetwork + description: Complete reference of the virtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + virtual_network.VirtualNetwork.create_virtual_network, + virtual_network.VirtualNetwork.delete_virtual_network_by_id, + virtual_network.VirtualNetwork.update_virtual_network_by_id, + + - Paths used are + post /api/v1/trustsec/virtualnetwork, + delete /api/v1/trustsec/virtualnetwork/{id}, + put /api/v1/trustsec/virtualnetwork/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + additionalAttributes: string + id: string + lastUpdate: string + name: string + +- name: Update by id + cisco.ise.trustsec_vn: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + additionalAttributes: string + id: string + lastUpdate: string + name: string + +- name: Delete by id + cisco.ise.trustsec_vn: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "additionalAttributes": "string", + "id": "string", + "lastUpdate": "string", + "name": "string" + } + ] + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "code": 0, + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_create.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_create.py new file mode 100644 index 00000000..3893db42 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_create.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_bulk_create +short_description: Resource module for Trustsec VN Bulk Create +description: +- Manage operation create of the resource Trustsec VN Bulk Create. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec VN Bulk Create's payload. + elements: dict + suboptions: + additionalAttributes: + description: JSON String of additional attributes for the Virtual Network. + type: str + id: + description: Identifier of the Virtual Network. + type: str + lastUpdate: + description: Timestamp for the last update of the Virtual Network. + type: str + name: + description: Name of the Virtual Network. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for virtualNetwork + description: Complete reference of the virtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + virtual_network.VirtualNetwork.bulk_create_virtual_networks, + + - Paths used are + post /api/v1/trustsec/virtualnetwork/bulk/create, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_bulk_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - additionalAttributes: string + id: string + lastUpdate: string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_delete.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_delete.py new file mode 100644 index 00000000..88fa0ce8 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_delete.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_bulk_delete +short_description: Resource module for Trustsec VN Bulk Delete +description: +- Manage operation create of the resource Trustsec VN Bulk Delete. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec VN Bulk Delete's payload. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for virtualNetwork + description: Complete reference of the virtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + virtual_network.VirtualNetwork.bulk_delete_virtual_networks, + + - Paths used are + post /api/v1/trustsec/virtualnetwork/bulk/delete, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_bulk_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_update.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_update.py new file mode 100644 index 00000000..c823d303 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_bulk_update.py @@ -0,0 +1,75 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_bulk_update +short_description: Resource module for Trustsec VN Bulk Update +description: +- Manage operation create of the resource Trustsec VN Bulk Update. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec VN Bulk Update's payload. + elements: dict + suboptions: + additionalAttributes: + description: JSON String of additional attributes for the Virtual Network. + type: str + id: + description: Identifier of the Virtual Network. + type: str + lastUpdate: + description: Timestamp for the last update of the Virtual Network. + type: str + name: + description: Name of the Virtual Network. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for virtualNetwork + description: Complete reference of the virtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + virtual_network.VirtualNetwork.bulk_update_virtual_networks, + + - Paths used are + post /api/v1/trustsec/virtualnetwork/bulk/update, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_bulk_update: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - additionalAttributes: string + id: string + lastUpdate: string + name: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_info.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_info.py new file mode 100644 index 00000000..7c877bc3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_info.py @@ -0,0 +1,141 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_info +short_description: Information module for Trustsec VN +description: +- Get all Trustsec VN. +- Get Trustsec VN by id. +- Get Virtual Network by id. +- Get all Virtual Networks. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + id: + description: + - Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for virtualNetwork + description: Complete reference of the virtualNetwork API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + virtual_network.VirtualNetwork.get_virtual_network_by_id, + virtual_network.VirtualNetwork.get_virtual_networks_generator, + + - Paths used are + get /api/v1/trustsec/virtualnetwork, + get /api/v1/trustsec/virtualnetwork/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Trustsec VN + cisco.ise.trustsec_vn_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + register: result + +- name: Get Trustsec VN by id + cisco.ise.trustsec_vn_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "additionalAttributes": "string", + "id": "string", + "lastUpdate": "string", + "name": "string" + } + ] + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "additionalAttributes": "string", + "id": "string", + "lastUpdate": "string", + "name": "string" + } + ] +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping.py new file mode 100644 index 00000000..712c562b --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping.py @@ -0,0 +1,139 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_vlan_mapping +short_description: Resource module for Trustsec VN VLAN Mapping +description: +- Manage operations create, update and delete of the resource Trustsec VN VLAN Mapping. +- Create VN-Vlan Mapping. +- Update VN-Vlan Mapping. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + id: + description: Identifier of the VN-VLAN Mapping. + type: str + isData: + description: Flag which indicates whether the VLAN is data or voice type. + type: bool + isDefaultVLAN: + description: Flag which indicates if the VLAN is default. + type: bool + lastUpdate: + description: Timestamp for the last update of the VN-VLAN Mapping. + type: str + maxValue: + description: Max value. + type: int + name: + description: Name of the VLAN. + type: str + vnId: + description: Identifier for the associated Virtual Network which is required unless + its name is provided. + type: str + vnName: + description: Name of the associated Virtual Network to be used for identity if id + is not provided. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for vnVlanMapping + description: Complete reference of the vnVlanMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + vn_vlan_mapping.VnVlanMapping.create_vn_vlan_mapping, + vn_vlan_mapping.VnVlanMapping.delete_vn_vlan_mapping_by_id, + vn_vlan_mapping.VnVlanMapping.update_vn_vlan_mapping_by_id, + + - Paths used are + post /api/v1/trustsec/vnvlanmapping, + delete /api/v1/trustsec/vnvlanmapping/{id}, + put /api/v1/trustsec/vnvlanmapping/{id}, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_vlan_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + isData: true + isDefaultVlan: true + lastUpdate: string + maxValue: 0 + name: string + vnId: string + vnName: string + +- name: Update by id + cisco.ise.trustsec_vn_vlan_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: present + id: string + isData: true + isDefaultVlan: true + lastUpdate: string + maxValue: 0 + name: string + vnId: string + vnName: string + +- name: Delete by id + cisco.ise.trustsec_vn_vlan_mapping: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + state: absent + id: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "isData": true, + "isDefaultVlan": true, + "lastUpdate": "string", + "maxValue": 0, + "name": "string", + "vnId": "string", + "vnName": "string" + } + ] + +ise_update_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "code": 0, + "message": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_create.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_create.py new file mode 100644 index 00000000..bbe8e598 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_create.py @@ -0,0 +1,93 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_vlan_mapping_bulk_create +short_description: Resource module for Trustsec VN VLAN Mapping Bulk Create +description: +- Manage operation create of the resource Trustsec VN VLAN Mapping Bulk Create. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec VN VLAN Mapping Bulk Create's payload. + elements: dict + suboptions: + id: + description: Identifier of the VN-VLAN Mapping. + type: str + isData: + description: Flag which indicates whether the VLAN is data or voice type. + type: bool + isDefaultVLAN: + description: Flag which indicates if the VLAN is default. + type: bool + lastUpdate: + description: Timestamp for the last update of the VN-VLAN Mapping. + type: str + maxValue: + description: Max value. + type: int + name: + description: Name of the VLAN. + type: str + vnId: + description: Identifier for the associated Virtual Network which is required + unless its name is provided. + type: str + vnName: + description: Name of the associated Virtual Network to be used for identity + if id is not provided. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for vnVlanMapping + description: Complete reference of the vnVlanMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + vn_vlan_mapping.VnVlanMapping.bulk_create_vn_vlan_mappings, + + - Paths used are + post /api/v1/trustsec/vnvlanmapping/bulk/create, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_vlan_mapping_bulk_create: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - id: string + isData: true + isDefaultVlan: true + lastUpdate: string + maxValue: 0 + name: string + vnId: string + vnName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_delete.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_delete.py new file mode 100644 index 00000000..88a6c1e3 --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_delete.py @@ -0,0 +1,59 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_vlan_mapping_bulk_delete +short_description: Resource module for Trustsec VN VLAN Mapping Bulk Delete +description: +- Manage operation create of the resource Trustsec VN VLAN Mapping Bulk Delete. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec VN VLAN Mapping Bulk Delete's payload. + elements: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for vnVlanMapping + description: Complete reference of the vnVlanMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + vn_vlan_mapping.VnVlanMapping.bulk_delete_vn_vlan_mappings, + + - Paths used are + post /api/v1/trustsec/vnvlanmapping/bulk/delete, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_vlan_mapping_bulk_delete: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_update.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_update.py new file mode 100644 index 00000000..e99b6f6d --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_bulk_update.py @@ -0,0 +1,93 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_vlan_mapping_bulk_update +short_description: Resource module for Trustsec VN VLAN Mapping Bulk Update +description: +- Manage operation create of the resource Trustsec VN VLAN Mapping Bulk Update. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module +author: Rafael Campos (@racampos) +options: + payload: + description: Trustsec VN VLAN Mapping Bulk Update's payload. + elements: dict + suboptions: + id: + description: Identifier of the VN-VLAN Mapping. + type: str + isData: + description: Flag which indicates whether the VLAN is data or voice type. + type: bool + isDefaultVLAN: + description: Flag which indicates if the VLAN is default. + type: bool + lastUpdate: + description: Timestamp for the last update of the VN-VLAN Mapping. + type: str + maxValue: + description: Max value. + type: int + name: + description: Name of the VLAN. + type: str + vnId: + description: Identifier for the associated Virtual Network which is required + unless its name is provided. + type: str + vnName: + description: Name of the associated Virtual Network to be used for identity + if id is not provided. + type: str + type: list +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for vnVlanMapping + description: Complete reference of the vnVlanMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + vn_vlan_mapping.VnVlanMapping.bulk_update_vn_vlan_mappings, + + - Paths used are + post /api/v1/trustsec/vnvlanmapping/bulk/update, + +""" + +EXAMPLES = r""" +- name: Create + cisco.ise.trustsec_vn_vlan_mapping_bulk_update: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + payload: + - id: string + isData: true + isDefaultVlan: true + lastUpdate: string + maxValue: 0 + name: string + vnId: string + vnName: string + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: dict + sample: > + { + "id": "string" + } +""" diff --git a/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_info.py b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_info.py new file mode 100644 index 00000000..c6047e4e --- /dev/null +++ b/ansible_collections/cisco/ise/plugins/modules/trustsec_vn_vlan_mapping_info.py @@ -0,0 +1,149 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2021, Cisco Systems +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) + +DOCUMENTATION = r""" +--- +module: trustsec_vn_vlan_mapping_info +short_description: Information module for Trustsec VN VLAN Mapping +description: +- Get all Trustsec VN VLAN Mapping. +- Get Trustsec VN VLAN Mapping by id. +- Get VN-Vlan Mapping by id. +- Get all VN-Vlan Mappings. +version_added: '2.0.0' +extends_documentation_fragment: + - cisco.ise.module_info +author: Rafael Campos (@racampos) +options: + page: + description: + - Page query parameter. Page number. + type: int + size: + description: + - Size query parameter. Number of objects returned per page. + type: int + sort: + description: + - Sort query parameter. Sort type - asc or desc. + type: str + sortBy: + description: + - SortBy query parameter. Sort column by which objects needs to be sorted. + type: str + filter: + description: + - > + Filter query parameter. .. Container **Simple filtering** should be available through the filter query + string parameter. The structure of a filter is a triplet of field operator and value separated with dots. + More than one filter can be sent. The logical operator common to ALL filter criteria will be by default AND, + and can be changed by using the *"filterType=or"* query string parameter. + - Each resource Data model description should specify if an attribute is a filtered field. + - The 'EQ' operator describes 'Equals'. + - The 'NEQ' operator describes 'Not Equals'. + - The 'GT' operator describes 'Greater Than'. + - The 'LT' operator describes 'Less Than'. + - The 'STARTSW' operator describes 'Starts With'. + - The 'NSTARTSW' operator describes 'Not Starts With'. + - The 'ENDSW' operator describes 'Ends With'. + - The 'NENDSW' operator describes 'Not Ends With'. + - The 'CONTAINS' operator describes 'Contains'. + - The 'NCONTAINS' operator describes 'Not Contains'. + elements: str + type: list + filterType: + description: + - > + FilterType query parameter. The logical operator common to ALL filter criteria will be by default AND, and + can be changed by using the parameter. + type: str + id: + description: + - Id path parameter. + type: str +requirements: +- ciscoisesdk >= 2.0.8 +- python >= 3.5 +seealso: +- name: Cisco ISE documentation for vnVlanMapping + description: Complete reference of the vnVlanMapping API. + link: https://developer.cisco.com/docs/identity-services-engine/v1/#!trustsec-openapi +notes: + - SDK Method used are + vn_vlan_mapping.VnVlanMapping.get_vn_vlan_mapping_by_id, + vn_vlan_mapping.VnVlanMapping.get_vn_vlan_mappings_generator, + + - Paths used are + get /api/v1/trustsec/vnvlanmapping, + get /api/v1/trustsec/vnvlanmapping/{id}, + +""" + +EXAMPLES = r""" +- name: Get all Trustsec VN VLAN Mapping + cisco.ise.trustsec_vn_vlan_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + page: 0 + size: 0 + sort: string + sortBy: string + filter: [] + filterType: string + register: result + +- name: Get Trustsec VN VLAN Mapping by id + cisco.ise.trustsec_vn_vlan_mapping_info: + ise_hostname: "{{ise_hostname}}" + ise_username: "{{ise_username}}" + ise_password: "{{ise_password}}" + ise_verify: "{{ise_verify}}" + id: string + register: result + +""" + +RETURN = r""" +ise_response: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "isData": true, + "isDefaultVlan": true, + "lastUpdate": "string", + "maxValue": 0, + "name": "string", + "vnId": "string", + "vnName": "string" + } + ] + +ise_responses: + description: A dictionary or list with the response returned by the Cisco ISE Python SDK + returned: always + type: list + elements: dict + sample: > + [ + { + "id": "string", + "isData": true, + "isDefaultVlan": true, + "lastUpdate": "string", + "maxValue": 0, + "name": "string", + "vnId": "string", + "vnName": "string" + } + ] +""" |